_  Who  Wants  to  be  an 

Entrepreneur: 


Have  an  idea  for  a  new  product  service  or  company?  Enter  our  “Who  Wants  to  be  an  Entrepreneur?" 
contest  and  earn  a  shot  at  $30,000  in  cash  and  services  at  www.nwfusion.com,  DocFinder:  1631. 
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PBX,  WLAN  and  handset 
makers  are  forming  an 
array  of  alliances  to  offer 
complete  voic&overwireless 
systems.  Learn  what  msuor 
players  bring  to  the  dance 
and  how  their  footwork  has 
wooed  some  early  adopters. 
Page  41. 


security  and  quality  of 
service  still  in  the  works, 


Vendors  to 
target  XML 
traffic  jam 


Product  palooza  at  N+l 


■  BY  PHIL  HOCHMUTH,  TIM 
GREENE  AND  DENISE  DUBIE 

A  rebounding  NetWorld+ 
Interop  will  showcase  a  bevy  of 
new  switching,  security  and 
management  wares  two  weeks 
from  now  in  Las  Vegas,  but  it  will 
be  the  show’s  swan  song  at  the 
Las  Vegas  Convention  Center. 


Having  grown  over  eight  years 
to  fill  two  great  halls  in  its  hey¬ 
day,  N+I  next  year  will  retreat  to 
the  Las  Vegas’  Mandalay  Bay  Con¬ 
vention  Center,  which  is  one- 
third  the  size  and  better  suited 
for  what  today  is  a  smaller  show. 

Even  though  event  organizers 
MediaLive  say  next  month’s  N+I 
will  feature  25%  more  vendors 


than  last  year  —  about  350  — 
and  draw  20,000  attendees,  that 
is  a  fraction  of  the  800  vendors 
and  50,000  attendees  the  show 
attracted  in  2000. 

But  with  IT  budgets  on  the  rise 
See  N+I,  page  69 


■  BY  JOHN  FONTANA 

Looking  to  help  customers  rein 
in  the  growing  traffic  created  by 
XML  and  Web  services  applica¬ 
tions,  a  slew  of  vendors  are 
developing  gigabit-speed  silicon 
that  ultimately  might  be  found  in 
equipment  throughout  corpo¬ 
rate  networks. 

DataFbwer,  maker  of  XML  secur¬ 
ity  and  acceleration  appliances, 
next  week  will  introduce  its  XG4 
family  of  silicon-based  XML  en¬ 
gines,  which  handle  XML  at  higher 


speed  and  can  be  embedded 
into  switches,  routers,  storage  de¬ 
vices,  load  balancers  and  servers. 

Also  next  week,  Intel  spinoff 
Tarari  will  upgrade  its  silicon- 
based  XML  Content  Processor 
PCI-cards  with  its  proprietary 
Random  Access  XML  (RAX) 
technology  for  gigabit-speed  pro¬ 
cessing  of  XML.  Within  a  year, 
Tarari  plans  to  put  the  technol¬ 
ogy  on  an  ASIC. 

Start-up  Conformative  Systems 
plans  to  release  by  year-end  its 
See  XML,  page  68 


A  Wider  Net 


RFID  everywhere: 
From  amusement 
parks  to  blood 
supplies 

Early  adopter  ‘labeled  the 
devil'  for  dabbling  in  wireless. 


the  youngster’s  location  using  a  cell  phone  and 
rented  ID  worn  by  the  child.  S' 

At  its  opening  day  in  March,  the  park  launched 
this  child-tracking  system,  which  relies  on  radio 
frequency  identification  (RFID)  and  wireless 

See  RFID,  page  14 


BY  ANN  BEDNARZ 


Amusement  park  Legoland  in  Billund, 
Denmark,  has  taken  the  concept  of  “lost 
and  found”  to  a  new  level.  If  a  child  gets 
lost  somewhere  between  Titania’s  Palace  and 
Safari  Park,  a  parent  quickly  can  home  in  on 


Our  guide  to  top  attractions  at  this 
month's  NetWorld+Interop  2004  Las 
Vegas,  including  a  glimpse  into  what 
Network  World  will  be  up  to  at  the 
show.  Page  51. 


RFID  lets  parents  track  their  children  at  Legoland  in  Denmark. 


Based  on  an  IOC  study  of  seven  Red  Hat  Linux  and  IBM  xSeries  customer  implementations  assessed  over  a  three-year  time  frame  at  a  discount  rate  of  10%.  'Linux  and  Intel-Based  Servers:  A  Powerful 
Combination  to  Reduce  the  Costs  of  Enterprise  Computing,"  IDC  white  paper,  sponsored  by  IBM  and  Red  Hat  Corporation,  May  2003.  Results  achieved  may  not  be  typical.  Actual  customer  experience  may 
va'y  Additional  charges  apply.  Standard  support  includes  next-business-day  response  in  some  countries.  IBM,  the  e-business  logo.  eServer,  the  eServer  logo  and  xSeries  are  trademarks  or  registered 


Want  a  server  with  an  impressively  high  return  on  investment?  Try  a  Linux-ready  IBM  eServer  xSeries  system 
with  powerful  Intel’"  Xeon™  processors.  An  IDC  study  of  several  companies  running  Linux  on  xSeries  servers  revealed 
that  these  companies  realized  a  high  average  ROI  of  504%  over  three  years.  And,  in  most  cases,  they  achieved 
payback  of  their  initial  investment  in  less  than  three  months1.  That’s  ROI  in  a  jiffy.  For  an  IDC  white  paper  on  Linux 
and  On  Demand,  visit  ibm.com/eserver/advantage 


5  reasons  more  and  more  businesses  are  turning  to  IBM  eServer ™  xSeries ®  systems  with  Intel  Xeon  processors. 


Scale  1-16  way  with  select 

IBM  Director  systems 

Broadest  line  of  servers  that 

Mainframe-inspired 

24/7/365  optional  onsite 

models.  Pay  as  you  grow. 

management. 

run  Linux  in  the  industry. 

technologies. 

hardware  support.2 

@  server 


Not  only  are  IBM  eServer  xSeries  systems 
powered  by  Intel  Xeon  processors,  they  raise  the 
question,  how  high  can  you  make  your  ROI? 


trademarks  ot  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  Intel,  Intel  Inside,  the  Intel  Inside  logo  and  Intel  Xeon  are  trademarks  or  registered  trademarks 
ot  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  ol  others.  ©2004  IBM  Corporation. 
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NetVanta  1224STR 
The  functionality  of  five 
devices  for  the  price  of  one. 


iP  Pniitnr 


Firewall 


Ethernet  Switch 


VPN 

DSU/CSU 


Introducing  the  NetVanta"  1 224STR  from  ADTRAN. 


mmm 
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mm 


Egg  <*>«[ ^*j  »T| Filipp: 

Managed,  24-Port 

Layer  2  Switch 

✓ 

Gigabit  Ethernet  Uplinks 

✓ 

IP  Access  Router 

✓ 

Stateful  Inspection  Firewall 

✓ 

DSU/CSU 

✓ 

QoS 

✓ 

VLAN  trunking 

✓ 

Command  Line  Interface  (CLI) 

✓ 

Intuitive  Web  GUI 

✓ 

ADTRAN  OS 

✓ 

Optional  Virtual  Private 
Networking 

✓ 

Optional  Dial  Backup 

✓ 

Optional  PBX  Connectivity 

✓ 

Unlimited  Telephone 

Technical  Support 

✓ 

Free  Firmware  Updates 

✓ 

5-Year  Warranty 

✓ 

Available  at  a  price  point  well  below  competing 
multi-box  solutions,  the  NetVanta  1224STR 
will  change  the  way  you  connect  remote  locations. 


Lower  the  cost  of  enterprise  connectivity  with  the  powerful  new 
NetVanta  1224STR.  This  fuU-function  WAN/LAN  access  platform 
does  the  work  of five  devices  for  the  price  of  one.  Suitable  for  networks 
of  any  size,  the  NetVanta  1224STR  offers  everything  you  need  to  bring 
a  branch  office  or  remote  location  online,  including  managed  Layer  2 
Ethernet  switching,  full-featured  IP  routing,  firewall  protection,  VPN, 
and  WAN  termination — all  in  a  compact  1U  chassis.  It  is  QoS,  VLAN, 
and  Gigabit  Ethernet  capable,  and  offers  affordable  dial  backup  and 
voice  options.  ADTRAN's  new  NetVanta  1000  Series  of  Layer  2  Ethernet 
switches  is  backed  by  a  1 00%  satisfaction  guarantee,  including  unlimited 
technical  support,  free  firmware  upgrades,  and  a  5-year  warranty. 


Test  drive  a  NetVanta  1224STR  today! 
Win  a  free  baseball  cap! 


www.adtran.com/in  fo/coolswitch 


877.591.3055  Technical  Questions 
877.280.8416  Where  to  Buy 


The  NetVanta  Series 


NetVanta  1000  Series  NetVanta  2000  Series  NetVanta  3000  Series 

Managed  Layer  2  Ethernet  Switches  Firewalls/VPN  IP  Routers 


The  Network  Access  Company 


Adirati 


Copyright©20W  ADTRAN,  Inc.  All  rights  reserved,  ADTRAN  and  NetVanta  are  registered  trademarks  of  ADTRAN,  Inc.  EN70A042604NW 


NetworkWorld 


8  IBM  powers  up  server-partitioning  technology. 

8  Cisco,  IBM  team  on  blade  server  offering. 

10  Defense  Department  issues  wireless  defense  orders. 

10  VoIP  veterans  swap  stories,  advice  at  Enterprise  Networks  2004. 
12  Mesh  networks  winning  converts. 

14  CEO  Dunn's  done,  but  what  of  Nortel? 

16  Archives  enters  compliance  market. 

17  Symbol  toughens  up  tri-mode  wireless  handhelds. 

17  IBM  expands  SMB  offerings. 


Infrastructure 

■  19  Opteron  servers  handle 
growth  of  Weathencom. 

■  19  Siemens  launches  high-end 
IP  PBX. 

■  20  Secure  Sockets  Layer 
appliance  on  tap  from  Check  Point. 

■  22  Dave  Kearns:  Too  many 
'chicken  luddles’  spoil  the  soup. 


Technology 

Update 

■  33  IPoS  expands  reach  of 
satellite  apps. 

■  33  Steve  Blass:  Ask  Dr. 

Internet. 

■  34  Mark  Gibbs:  Barracuda 
takes  a  bite  out  of  our  spam 
problem. 


VoWhFi  hoedown 

PBX,  WLAN  and  handset  makers  step  together  to 
choreograph  pre-standard  voice-over-wireless  systems.  Page  41 

Heeding  the  VoWifi  call 

Healthcare  and  education  are  among  the  industries  eager 
to  enjoy  mobility  and  cost  savings.  Page  44. 
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XOSoft  gets  kudos  for  Exchange  help 

I  CLEAR  CHOICE  IOI  No  company  can  afford  to  have  its  Exchange  server  go  down,  so  we  tested  four 
IHESSt.-.  "niiii isnwi^l  products  that  provide  disaster  recovery  for  Microsoft  e-mail.  XOSoft's  WANSync 

high-availability  product  wins  our  test  based  on  its  ease  of  deployment  and  solid  performance.  Page  47. 
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Free  downloads 


Columnists 

Wireless  Wizards 


Enterprise 

Applications 

■  25  B2B  acquisitions  highlight 
data  quality. 

■  25  IPolicy  releases  multifunction 

firewall. 

■  26  Scott  Bradner: 

Resetting  the  Internet? 

■  28  Special  Focus: 

Freeware  and  shareware  help 
monitor  networks. 

Service  Providers 


■  34  Keith  Shaw:  Cool  tools, 
gizmos  and  other  neat  stuff. 

Opinions 

■  38  On  technology: 

Broadband  in  spotlight. 

■  39  Gian  Zoppo:  Keeping  IT 
in  the  strategic  mix. 

■  39  Daniel  Briere:  The 

Rodney  Dangerfields  of  telecom. 

■  70  BackSpin:  Getting  rid  of 
scumware.  Mostly. 

■  70  Compendium:  Social 
networks:  The  next  big  thing? 

■  63  Career  classifieds. 


From  application  development  and  databases  to  management  and  secur¬ 
ity,  check  out  our  free  and  evaluation  software.  DocFinder:  1850 


Networking  encyclopedia 

Don’t  know  your  ADSL  from  your  Zombies?  Check  out  our  definitions 
and  resources  of  networking  terms,  technologies  and  more. 

DocFinder:  1641 


Should  we  go  wireless  in  our  data  center? 

A  reader  asks  the  Wizards:  “With  the  need  to  monitor  power 
and  the  environment  within  our  data  center,  will  wireless  technol¬ 
ogy  be  able  to  function  for  this  application  with  all  of  the  metal 
racks,  chassis  and  cabinets?"  DocFinder  1852 

Telework  Beat 

Dust  off  your  resume 

As  the  job  market  improves,  Net.Worker  Managing  Editor  Toni 
Kistner  says  employees  are  beginning  to  poke  around  for  flexi¬ 
ble  benefits.  DocFinder:  1643 

Small  Business  Tech 

More  blocking  applications 

Columnist  James  Gaskin  says  Netscape  and  Mozilla  offer  big 
advantages  over  Outlook. 

DocFinder:  1854 


Audio  primer:  Basic  wireless  LAN  security 

Learn  the  technologies  and  techniques  used  for  securing  a  small 
office/home  office  WLAN  network.  DocFinder:  1851 

NW200  Compare-o-matic 

If  you  can't  get  enough  of  the  facts  and  figures  of  the  Network  World  200 
companies,  head  online,  where  you  can  compare  companies  head-to-head 
in  20  categories, 

DocFinder:  1738 


■  31  MCI  strengthens  security 
services. 

■  31  Technology  pinpoints  BGP 
faults. 

■  32  Johna  Till  Johnson: 

Convergence:  Not  hip,  still  happening. 


Management 

Strategies 

■  56  Calculating  costs  of  WLANs: 
WLAN  switch  prices  and  features  are 
all  over  the  map.  Here's  help  sorting 
through  the  offers. 


Users  can  read  their  old  flop¬ 
pies  with  Iomega's  Floppy 
Plus  7-in-1  Card 
Reader.  Page  34. 


Seminars  and  events 

f - 

Are  you  totally  secure  in  your  enterprise 
security  management? 

Are  you  managing  your  network  as  a  security  intelligence  asset?  Find  out 
how  and  get  the  answers  you  need  at  Enterprise  Security:  Fail-Safe 
Architecture,  a  new  Network  World  Technology  Tour  Event.  Click,  qualify 
and  attend  free. 

DocFinder:  1856 
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Home  Base 

Keep  your  SOX  on 

Truth  be  told,  the  new  federal  regulations  don't  affect  SMB 
much  —  for  now,  columnist  Steve  Ulfclder  says. 

DocFinder  1855 


Breaking  News 

Go  online  for  breaking  news  every  day.  DocFinder:  8342 

Free  e-mail  newsletters 

Sign  up  for  any  of  more  than  40  newsletters  on  key  network  topics. 

DocFinder:  6343 


What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and 
resources  online.  Simply  enter  the  four-digit 
DocFinder  number  in  the  search  box  on  the 
home  page,  and  you’ll  jump  directly  to  the 
requested  information. 
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Cisco  wireless  wares  set  to  fly 

■  Cisco  is  expected  next  week  to  improve  its  wireless  LAN  offerings 
by  adding  WLAN  features  to  its  Catalyst  switches.  The  strategy, 
dubbed  structured  wireless-aware  network  or  SWAN,  is  a  response 
to  rivals  that  are  centralizing  WLAN  management  and  security  on 
controllers  and  wireless  switches.  What’s  unclear  is  how  many  fea¬ 
tures  will  shift  from  Cisco’s  Aironet  line  of  access  points  to  Catalyst, 
how  the  shift  will  affect  the  Aironet  product  road  map  and  pricing, 
and  whether  current  Aironet  users  will  need  a  migration  strategy  as 
SWAN  unfurls  its  wings.  Also  expected  is  an  update  on  Cisco’s  radio 
frequency  management  capabilities,  currently  a  weak  area  com¬ 
pared  with  its  rivals. 

Users  fire  back  at  SCO 

■  Two  companies  The  SCO  Group  targeted  with  lawsuits  earlier  this  year  have  fired  back 
questioning  the  very  foundation  of  SCO’s  allegations.  Car  maker  DaimlerChrysler  AG  and 
auto  parts  retailer  AutoZone  filed  court  documents  last  month  responding  to  SCO’s 
charges.  In  a  lawsuit  filed  in  March,  SCO  accused  DaimlerChrysler  of  violating  a  14-year- 
old  Unix  licensing  agreement  by  not  providing  “certification  of  compliance.”  In  court  doc¬ 
uments,  DaimlerChrysler  says  it  has  provided  SCO  with  appropriate  certification  and  that 
it  in  fact  is  not  and  has  not  used  the  licensed  software  for  more  than  seven  years.  Auto¬ 
Zone  responded  to  allegations  that  it  is  violating  SCO  copyrights  by  running  Linux  by 
arguing  that  questions  regarding  whether  Linux  indeed  violates  any  SCO  copyrights  and 
whether  SCO  owns  those  copyrights  to  begin  with  must  first  be  decided  in  several  other 
pending  lawsuits.  IBM,  Red  Hat  and  Novell  are  currently  in  legal  battles  with  SCO  over 
Unix  copyrights. 

Patches?  We  don't  need  no  stinking  patches 

■  Patches  usually  fix  problems,  not  cause  them.  But  last  week  Microsoft  said  a  recently 
released  software  patch  for  its  Windows  operating  system  is  causing  some  Windows  2000 
machines  to  stop  responding  after  it  is  installed.  Some  systems  that  use  the  security  up¬ 
date,  MS04-01 1,  stop  responding  when  they  start  up,  prevent  users  from  logging  on  to 
Windows  or  bog  down,  Microsoft  said  in  a  story  published  last  week  on  its  Knowledge 
Base  online  help  database, The  security  patch  was  released  April  13  and  fixes  a  number 
of  holes  in  Windows,  including  problems  with  Windows’  implementation  of  Secure 
Sockets  Layer.  The  story  said  a  software  change  in  the  patch  causes  Win  2000  systems  to 
repeatedly  try  to  load  drivers  that  cannot  load  successfully  causing  the  hang-ups  (see 
www.nwfusion.com,  DocFinder:  1860).  Microsoft  said  it  is  researching  the  problem. 


“Geez,  they  could 
have  put  some 
beer  in  before  they 
teleported  it.” 

Doug  Dearden  of  Santa  Fe  wins  top  honors  and  Fusion  goodies 
for  supplying  the  above  and  winning  our  latest  Weekly  Caption 
Contest.  Wanna  be  a  winner  like  Doug?  Check  out  Layer  8  every  Monday  afternoon  for 
the  start  of  a  new  contest,  http://napps.nwfusion.com/weblogs/layer8/index.html 
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■  Thi  Good  ie  Bad  teUgly 


Tea  time  for  computers. 


Getting  carried  away. 


A  new  compound  that  borrows  from  green 
tea  could  be  used  to  make  computer  hard 
drive  manufacturing  more  efficient  and 
environmentally 
safe,  according 
to  researchers 
funded  by  the 
National  Science 
Foundation.  The 
compound  could  be 
used  for  polishing 
hard  drive  read- 
write  heads. 

Well  drink  to  that.  > 


Well  spare  this  company  the  embarrassment  by  not  naming  it,  but  one  vendor's 
e-mail  plea  to  us  last  week  to  set  up  a  meeting  at  NetWorld+Interop  boasted  that 
the  company's  all-in-one  IT  product  for  small  companies  "has  taken  the  world  by 
storm"  since  being  introduced  a  year  ago.  If  that's  true,  why  the  need  for  any  more 
exposure? 


®  Big  boo.  A  couple  of  dozen  protesters  targeted  IBM  last  week  at  the  company’s 
annual  meeting  in  Providence,  R.I.,  with  sporadic  chants  of  "Offshore  the  CEO!"  and 
signs  reading  “America’s  future  is  not  offshore"  and  “Retrain  for  what?"  The 
demonstrators  were  raising  notice  that  the  politically  controversial  issue  of  offshoring 
would  be  on  the  table  at  the  meeting,  where  several  shareholder  proposals  centered 
on  employee  discontent  with  IBM's  labor  and  executive  compensation  practices. 


Meanwhile,  key  Microsoft  Service  Pack  delayed 

■  Service  Pack  2  for  Windows  XR  originally  planned  to  ship  in  the  first  half  of  the  year,  will 
now  at  best  be  released  in  July  Microsoft  as  recently  as  last  week  said  SP2  was  on  sched¬ 
ule.  The  company  now  has  decided  to  delay  the  update  to  “some  time  in  the  third  quar¬ 
ter”  because  testing  has  not  been  completed  and  Microsoft  continues  to  make  changes  to 
the  software  based  on  tester  input,  the  company  says.  SP2  is  more  than  the  usual  roll-up 
of  bug  fixes  and  updates.  It  also  is  being  used  to  make  significant  changes  to  the  software 
that  are  designed  to  improve  security  Microsoft  has  said. 

Congress  to  take  a  (another)  swipe  at  spyware 

■  At  best,  spyware  is  an  invasion  of  privacy  At  worst,  it  can  steal  personal  data,  track  Web 
activity  and  breed  viruses.  Such  activities  would  naturally  encourage  government  involve¬ 
ment,  and  last  week  they  did.  Rep.  Jay  Inslee  (D-Wash.)  introduced  a  bill  in  the  House  of 
Representatives  that  would  forbid  people  from  knowingly  sending  programs  designed  to 
record  recipients’ Web  browsing  habits  and  collect  personal  data  such  as  credit  card  and 
Social  Security  numbers.The  bill  would  punish  violators  with  up  to  five  years  in  jail  for  the 
first  offense  and  10  years  in  jail  for  the  second.  Inslee’s  proposal  is  the  third  spyware  bill  to 
be  introduced  in  Congress  this  year.  As  for  laws, only  Utah  has  passed  one  banning  spyware. 
Microsoft  estimates  spyware  is  responsible  for  half  of  all  PC  crashes. 

Gazillions  for  Google 

■  Google’s  filing  for  an  IPO  last  week  could  provide  a  boost  for  other  technology  com¬ 
panies  seeking  to  raise  public  funds,  although  the  popular  search  company  is  by  no 
means  ahead  of  the  field  with  its  move  to  become  a  listed  company  industry  watchers 
said.  Google  filed  papers  for  its  much-anticipated  public  offering  Thursday,  with  intent  to 
raise  more  than  $2.5  billion  from  the  sale  of  itsstock.The  company’s  popularity, combined 
with  an  almost  nostalgic  regard  for  its  dot-com  business  model, caused  the  move  to  attract 
widespread  attention  among  investors  and  the  media.The  IPO  wagon  had  already  started 
rolling  without  Google’s  help.  More  than  two  dozen  high-tech  companies  have  filed  for 
public  offerings  in  recent  months,  including  Salesforce.com,  Shopping.com,  Brightmai! 
and  Lindows. 
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□ 
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More  seamless  accessibility  options. 


A  better  security  option. 


More  IP  data  options  from  Sprint. 


Sprint  has  more  IP  data  options  to  meet  your  company's 
needs  than  AT&T. 

•Sprint  IP  data  services  provide  seamless 
access  to  your  corporate  data,  enabling  you 
to  connect  your  headquarters  to  branch 
offices,  home  offices  and  mobile  employees. 

•  The  Sprint  Peerless  IP  network  is  more  secure 
since  it  has  no  connection  to  the  public  Internet. 

Get  the  facts  at  sprint.com/facts  or  call  866-700-0029 
for  a  Business  Representative. 


One  Sprint.  Many  Solutions;" 

Voice/Data  PCS  Wireless  Internet  Services  E-Business  Solutions  Managed  Services 


Accessibility  claims  based  on  the  portfolio  of  seamless  Sprint  IP  and  wireless  network  capabilities,  and  the  portfolio  of  the  AT&T  IP  network  Security  claims  based  on  the  Sprint  Peerless  IP  network  and 
the  AT&T  IP  network.  ©Sprint  2004.  All  rights  reserved.  Sprint  and  the  diamond  logo  are  trademarks  of  Sprint  Communications  Company  L.P  All  other  marks  are  the  property  of  their  respective  owners 
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IBM  powers  up  server  partitioning 

Big  Blue  adapts  virtualization  of  servers,  storage  across  all  its  enterprise  products. 


Virtually  seamless 

IBM’s  Virtualization  Engine  technology  is  aimed  at  creating 
a  true  on-demand  environment  where  resources  can  be 
managed  and  shared.  A  look  at  how  the  partitioning 
capabilities  in  the  Power  5  processor  operate: 


O  Using  the  Virtualization  Engine  technology,  an  IT  manager  can  set  business  rules  for 
minimum  and  maximum  CPU  utilization  for  each  application.  For  example,  the  payroll 
application  and  e-mail  application  could  be  sharing  two  CPUs  and  have  settings  that 
let  each  use  up  to  1.75  processors,  but  not  less  than  a  quarter  of  a  processor. 

©  A  virus  or  some  other  unforeseen  event  could  result  in  floods  of  e-mail,  resulting  in 
the  need  for  more  CPU  cycles  to  handle  the  additional  workload.  If  the  payroll  application 
is  not  busy,  the  e-mail  application  could  grab  cycles  from  the  CPU  where  the  payroll 
application  is  running.  With  the  Virtualization  Engine  technology,  this  resource  sharing 
happens  automatically. 


■  BY  JENNIFER  MEARS 

For  years,  mainframe  users  have 
been  able  to  securely  partition 
systems  into  multiple  virtual 
servers  that  could  share  re¬ 
sources  and  be  securely  and 
effectively  managed  with  a  single 
tool.  Now  IBM  wants  to  spread 
those  kinds  of  capabilities  across 
all  its  enterprise  products  with  its 
new  Virtualization  Engine. 

Unveiled  last  week,  Virtualiza¬ 
tion  Engine  is  the  result  of  three 


years  of  work  by  IBM  to  integrate 
mainframe-partitioning  technol¬ 
ogy  with  features  such  as  work¬ 
load  management,  systems  provi¬ 
sioning  and  grid  services. 

These  features  are  available  in 
stand-alone  products  such  as 
Tivoli  management  software,  En¬ 
terprise  Workload  Manager  and 
WebSphere.  In  addition,  IBM’s 
management  software  for  its  x86 
servers,  IBM  Director,  now  will 
support  Unix  boxes  and  give 
users  a  single  point  from  which  to 


manage  the  health  of  their  het¬ 
erogeneous  systems. 

Virtualization  Engine  will  con¬ 
sist  of  two  main  components:  Vir¬ 
tualization  Engine  Systems  Ser¬ 
vices  and  Virtualization  Engine 
Systems  Technologies. 

Virtualization  Systems  Services 
software  will  include  Enterprise 
Workload  Manager  for  managing 
resources  across  heterogeneous 
systems;  IBM  Director  Multiplat¬ 
form  for  monitoring  the  health  of 
heterogeneous  systems;  systems 
provisioning;  and  IBM’s  grid  tool 
kit.One  Virtualization  Engine  con¬ 
sole  will  display  system  health 
and  other  information  across  all 
resources. 

Virtualization  Engine  Systems 
Technologies  software  will  in¬ 
clude  CPU-partitioning  capabili¬ 
ties,  virtual  I/O  so  that  I/O  re¬ 
sources  can  be  shared  between 
operating  systems  and  parti¬ 
tions,  and  virtual  LAN  support  so 
partitions  can  communicate 
internally 

In  addition,  Virtualization  En¬ 
gine  will  include  storage-virtual¬ 
ization  technologies,  including 
the  TotalStorage  SAN  Volume 
Controller,  which  lets  users  in¬ 
crease  pooled  storage  without 
disrupting  the  application. 

A  key  feature  of  Virtualization 
Engine  is  the  ability  to  slice  sys¬ 
tems  built  on  IBM’s  new  Power5 
chip  into  as  many  as  10  partitions 
per  processor  —  a  four-way  box 
could  be  sliced  into  40  partitions. 
In  the  past,  Unix  partitions  could 
only  be  as  small  as  a  single  pro¬ 
cessor.  The  mainframe  and  IBM’s 
midrange  iSeries  servers,  formerly 
the  AS/400,  already  have  this 
micro-partitioning  capability 

As  for  IBM’s  x86-based  xSeries 
line,  the  partitioning  technology 
will  come  from  third-party  ven¬ 
dors  such  as  VMware,  although 
the  servers  will  benefit  from  the 
integrated  management  features 
available  in  Virtualization  Engine, 
a  spokesman  says. 

“Virtual  Engine  is  designed  to 
give  customers  the  ability  to  get 
great  utilization  of  their  systems 
by  sharing  and  pooling  assets 
they  have  and  then  managing 
multiple  operating  systems  and 
different  partitions  together,”  says 
Ian  Jarman,  manager  of  IBM’s 
midrange  iSeries  servers. 

The  iSeries  will  be  the  first  to  get 
the  Virtual  Engine  technology 
when  it  is  upgraded  with  IBM’s 
new  Power5  processor  next 


month.  IBM  is  expected  to  intro¬ 
duce  the  new  eServer  i5  systems 
and  an  updated  operating  sys¬ 
tem,  i5/OS,  this  week.  The  one-  to 
two-way  i5  Model  520,  which 
starts  at  about  $10,000,  and  the 
two-  to  four-way  i5  Model  570, 
with  a  base  price  of  $85,000,  are 
scheduled  to  be  available  next 
month. 

Nigel  Fortlage,  vice  president 
of  IT  at  Canadian  customs  bro¬ 
ker  GHY  International,  has  seen 
cost  savings  as  a  result  of  con¬ 
solidating  servers  onto  two 
iSeries,  but  says  he  expects  more 
savings  when  he  brings  in  a  new 
i5  system. 

IBM  says  the  new  systems  will 
support  AIX  in  the  third  quarter, 
which  gives  Fortlage  a  migration 
path  for  a  stand-alone  Unix  server 
that  he  had  not  been  able  to  con¬ 
solidate  onto  the  iSeries.  In  addi¬ 
tion,  the  virtualization  technology 
will  eliminate  management  head¬ 
aches  associated  with  monitoring 
partitioned  resources  and  enable 
better  utilization  of  the  server 
overall,  Fortlage  says. 

“Today  we  have  to  do  a  manu¬ 
al  adjustment  to  handle  changes 
in  application  demands  in  the 
different  partitions,”  he  says. 
“With  this  new  technology,  all 
can  be  automated  so  you  can 
set  high  and  low  performance 
limits  and  characteristics  associ¬ 


ated  with  that  environment.  And 
it  will  on  its  own  decide  when 
you  need  those  resources  and 
actually  de-allocate  and  re-allo- 
cate  those  resources  for  you.” 

While  virtualization  is  the  cor¬ 
nerstone  of  the  move  toward 
utility  computing,  analysts  say 
that  today  the  management  of 
virtualized  servers  and  parti¬ 
tioned  servers  can  be  daunting. 
That’s  because  vendors  don’t 
offer  a  single  integrated  tool  to 
manage  virtualized  resources. 
For  example,' Sun  still  has  dis¬ 
tinct  virtualization  engines  for 
servers  and  storage. 

“The  expectation  for  all  the 
pieces  [of  Virtualization  Engine] 
is  that  they  will  play  nicely 
together/  says  Jonathan  Eunice, 
president  and  principal  analyst  at 
llluminata. “That’s  a  considerable 
difference  from  today,  where  vir¬ 
tualization  usually  occurs  on  an 
element  by  element,  node  by 
node  basis,  and  tools  routinely 
virtualize  only  within  con¬ 
strained  areas  of  activity,  not  in 
cooperation  with  other  virtualiza¬ 
tion  tools."  ■ 


Cisco,  IBM  team  on  servers 

Cisco  and  IBM  announced  last  week  co-developed  prod¬ 
ucts  that  will  improve  the  management  and  performance 
of  data  center  servers  and  network  infrastructure  equip¬ 
ment,  the  vendors  say. 

Cisco  developed  switch  hardware  for  IBM's  BladeCenter 
products  that  will  help  improve  traffic  flows  inside  blade  server 
chassis,  the  companies  say.  Integration  of  IBM  server  and 
storage  provisioning  software  with  Cisco  Catalyst  6500  LAN 
switches  and  MDS  9000  storage-area  network  switches  will  let 
users  operate  data  center  network  and  computing  infrastruc¬ 
ture  as  one  system. 

Cisco's  Intelligent  Gigabit  Ethernet  Switch  Module  (IGESM)  is 
a  hardware  device  that  fits  into  IBM's  eServer  BladeCenter 
chassis.  IGESM  provides  Gigabit  Ethernet  switching,  quality-of- 
service  traffic  management  and  load  balancing  among  server 
nodes  deployed  in  an  IBM  blade  server.  Cisco's  device  will 
compete  with  Layer  2  to  Layer  7  switch  gear  announced  last 
year  by  Nortel,  which  is  available  for  IBM  and  HP  blade  server 
products.  The  IGESM  module,  which  can  be  controlled  with 
BladeCenter’s  management  software,  is  scheduled  to  be  avail¬ 
able  this  month  and  will  cost  $5,000. 

Cisco  and  IBM  also  have  integrated  their  respective  data 
center  switch  and  server  management  software  to  allow  for 
better  communication  between  servers  and  switches.  The 
Server  Application  State  Protocol  is  a  new  communications 
protocol  created  by  the  vendors  that  lets  a  Cisco  Content 
Switching  Module  inside  a  Catalyst  6500  switch  receive  server 
health  and  availability  data  directly  from  IBM's  Enterprise 
Workload  Manager  software.  These  integrated  products  will 
enable  applications  hosted  in  data  centers  to  run  faster  and  to 
better  survive  network  or  server  failures. 

IBM  also  has  added  Cisco-specific  hardware-provisioning  fea¬ 
tures  to  some  of  its  Tivoli  management  software  products.  The 
Tivoli  Provisioning  Manager  now  can  be  used  to  configure  set¬ 
tings  on  Cisco  Catalyst  6500  switches  (including  firewall  and 
Secure  Sockets  Layer  modules  for  the  switch),  the  IGESM  and 
the  MDS  9000  storage-area  network  (SAN)  switch.  These  addi¬ 
tions  could  allow  data  center  network  administrators  to  control 
server  and  network  infrastructure  from  a  single  application  view. 

Tivoli  SAN  Manager  software  also  will  be  able  to  work  with 
Cisco’s  MDS  9000  switch  to  manage  virtual  SAN  deployments. 
The  Tivoli  software  will  act  as  a  master  control  for  setting  up  vir¬ 
tual  SANs,  by  configuring  Cisco  SAN  switch  hardware  in  con¬ 
cert  with  IBM’s  TotalStorage  SAN  Volume  Controller  software. 


—  Phil  Hochmuth  and  IDG  News  Service 


Microsoft 


WHICH  OFFERS  SUPERIOR  PERFORMANCE: 
WINDOWS  OR  LINUX?  THE  RESULTS  ARE  IN. 


Source:  VeriTest  2003 
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The  Windows  platform  generated  up  to  300  percent  better  peak  Web  serving  performance 
compared  to  Linux  according  to  a  recent  benchmark  test  conducted  by  VeriTest,  a  leading 
independent  testing  company.  In  fact,  VeriTest  found  that  Windows  Server™  2003  with 
Internet  Information  Server  (IIS)  6.0  outperformed  every  Red  Hat  Linux  configuration  they 
tested,  regardless  of  the  server  employed  or  the  number  of  processors.  To  get  the  full  study 
and  more  third-party  findings,  visit  microsoft.com/getthefacts 
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el  issues  wireless  defense  orders 


The  military’s  wireless  net  offensive 

Department  of  Defense  Directive  8100.2  orders  include: 

•  All  commercial  wireless  equipment  and  services  used  by  any 
Defense  Department  organization  must  encrypt  unclassified 
information. 

•  Encrypting  unclassified  voice  communications  is  "desirable"  and 
VoIP  should  use  FIPS  140-2  encryption. 

•  Encryption  mandate  doesn’t  apply  to  receive-only  pagers,  GPSs, 
some  bar-code-scanning  equipment  or  radio  frequency  ID  tags. 

•  Wireless  security  rules  apply  to  contractors  and  visitors  to 
Defense  Department  facilities  or  with  access  to  Defense 
Department  information. 


m  BY  ELLEN  MESSMER 

After  two  years  of  internal  pol¬ 
icy  debate,  the  U.S.  Department  of 
Defense  last  week  issued  rules 
that  all  branches  of  the  military 
—  as  well  as  contractors  and  visi¬ 
tors  —  must  follow  to  secure 
commercial  wireless  equipment 
and  services. 

In  particular,  wireless  LANs  have 
raised  Defense  Department  con¬ 
cerns  because  unencrypted  traf¬ 
fic  easily  is  intercepted  through 
over-the-air “sniffing.”The  Defense 
Departments  Directive  8100.2 
requires  any  new  military  pur¬ 
chases  of  wireless  equipment 
and  services  for  unclassified  data 
to  use  encryption.The  encryption 
has  to  have  gone  through  the 
National  Institute  of  Standards 
(NIST)  and  Technology’s  Federal 
Information  Processing  Standard 
(FIPS)  140-2  cryptographic  vali¬ 
dation  program. The  Pentagon  — 
which  left  room  for  exceptions  on 
a  case-by-case  basis  —  also 
called  the  encryption  of  unclassi¬ 
fied  voice  traffic  “desirable.” 

FIPS  140-2  testing  isn’t  easy, 


vendors  point  out.  It  took  For¬ 
tress  Technologies  18  months 
and  more  than  $100,000  to  get 
its  products  through  the  FIPS 
140-2  testing  process  done  by 
Coact,  a  NIST-accredited  lab  in 
Columbia,  Md. 

Wireless  still  is  viewed  as  so 
risky, though, that  Directive  8200.1, 
signed  by  Deputy  Secretary  of 
Defense  Paul  Wolfowitz,  forbids 
use  of  wireless  devices  for  storing 
or  sending  the  more-secret  classi¬ 
fied  data.  In  this  case,  the  military 
authorities  would  have  to  give 
written  permission  and  would 
require  noncommercial  encryp¬ 
tion  provided  by  the  National 
Security  Agency 

That  doesn’t  surprise  Maurice 
Smith,  network  security  manager 
in  the  Fort  Meade,  Md.,  Army  unit 
that  handles  toxicology  analysis 
to  check  soldiers  for  illegal  drug 
use.“We  just  don’t  allow  wireless,” 
says  Smith,  adding  that  his  organi¬ 
zation  encrypts  sensitive  informa¬ 
tion  about  drug  tests.  The  Army’s 
toxicology  division  blocks  access 
from  the  Internet  with  a  Syman¬ 
tec  5420  multi-use  gateway,  which 


also  runs  anti-spam  and  anti-virus 
software. 

Directive  8200.1  also  contains 
a  mandate  requiring  anti-virus 
software  on  wireless-capable 
handhelds  and  workstations. 
And  the  new  rules  forbid  down¬ 
loading  of  mobile  code  from 
sources  not  related  to  the  De¬ 
fense  Department. 

The  directive  gives  the  Army, 
Navy,  Air  Force  and  other  military 
groups  up  to  180  days  to  report  to 


Pentagon  CIO  Francis  Harvey  on 
implementation  plans  for  new 
and  legacy  systems.  But  with  dis¬ 
cussion  ongoing  for  some  time 
between  military  departments, 
industry  and  the  Pentagon,  few 
expect  wireless  projects  to  go 
off-track. 

In  many  instances,  it’s  evident 
the  Army  Navy  and  Air  Force  are 
taking  different  approaches  to 
WLAN  security 

Systems  integrator  Xacta,  a Telos 


company,  is  assisting  in  the  instal¬ 
lation  of  campus-style  WLANs 
based  on  the  Cisco  Model  1200 
access  points  at  more  than  50  Air 
Force  bases. 

“The  Air  Force  has  decided  it 
will  use  a  VPN”  to  meet  Defense 
Department  encryption  require¬ 
ments,  says  Tom  Badders,  Xacta 
director  of  wireless  networking. 
The  Air  Force  selected  a  Cisco 
3000  series  VPN  that  already  has 
passed  FIPS  140-2  certification. 
The  Navy  is  looking  at  using  3e 
Technologies’  wireless  access 
point,  which  also  has  passed  the 
FIPS  140-2  cryptography  tests, 
he  says. 

Fortress  already  has  provided 
about  7,000  of  its  AirFortress 
Wireless  Security  Gateways  to 
the  Army  to  use  with  WLANs. 
The  devices  use  FIPS- 140-2- 
approved  Triple-DES  and  Ad¬ 
vanced  Encryption  Standard 
encryption. 

“These  are  mostly  going  into 
trucks  as  mobile  wireless  hubs 
based  on  Cisco  access  points  and 
group  bridges,” says  Janet  Kumpu, 
COO  at  Fortress.  ■ 


VoIP  veterans  swap  stories  and  share  advice 


fcli  You  have  to  beat  on  your  service 
providers  and  make  them  give  you  the 
service  level  agreements  that  you're 
comfortable  with.  1 1 

John  Parsons 

Manager,  Global  Telecommunications  Worldwide  Information 
Systems  at  Eastman  Kodak 


■  BY  PHIL  HOCHMUTH 

BOSTON  —  Corporate  IT  professionals 
from  small  companies  to  the  largest 
Fortune  500  firms  convened  last  week  at 
the  Enterprise  Networks  2004  conference 
in  Boston  to  swap  stories  and  advice  on 
how  to  make  VoIP  work  and  the  reasons 
for  converging  voice  and  data  networks. 

The  consensus  among  VoIP  early 
adopters  at  the  conference  is  that  there  are 
real  cost  savings  in  deploying  IP  PBXs,  IP 
phones,  softphones  and  using  IP  to  carry 
voice  traffic. 

John  Manville,  senior  vice  president  of 
network  services  at  Lehman  Brothers,  says 
his  firm  began  deploying  IP  telephony 
pilots  with  Cisco  gear  in  2000.  By  2001,  the 
firm  had  more  than  1,000  phones  installed. 
The  technology  worked  well,  Manville  says, 
with  some  minor  hiccups  and  a  few  short¬ 
comings  in  terms  of  call  features. 

The  network  was  put  to  the  test  on  Sept. 
11,  2001,  when  Lehman’s  offices  in  the 
World  Trade  Center  were  destroyed.  IP  tele¬ 
phony  helped  get  Lehman  back  online 
because  a  disaster-recovery  site  was  estab¬ 
lished  in  New  Jersey  with  back-up  Cisco 
Call  Manager  servers. 

“There  is  no  way  we  could  have  recov¬ 
ered  as  quickly  as  we  did"  without  IP  tele¬ 
phony,  Manville  says.  Lehman  workers  were 
moved  to  Sheraton  Hotels  in  Manhattan 


and  given  Cisco  IP  phones,  which  linked 
back  to  the  back-up  data  center.  Most  of  the 
firm’s  employees  were  up  and  working 
from  hotels  within  a  few  days. 

Manville  says  the  flexibility  and  produc¬ 
tivity  gains  of  IP  telephony  —  such  as  con¬ 
verged  applications  and  unified  messaging 
—  will  be  the  drivers  for  the  technology.  If 
he  were  starting  a  new  network  today, 
Manville  says, “Putting  in  a  TDM-based  sys¬ 
tem  would  be  a  questionable  choice.” 

Another  advocate  of  IP  telephony  is  Chris 
Mullins,  CIO  of  Master  Financial,  a  Long 
Beach, Calif.,  mortgage  brokering  firm  with 
offices  in  Jacksonville,  Fla.,  and  Denver. 

The  first  thing  that  might  strike  someone 
walking  into  a  Master  Financial  call  center 
is  the  lack  of  telephones,  Mullins  says.That’s 
because  all  350  employees  use  softphones 


from  Sphere  Communications. 

“When  we  looked  at  the  cost  of  phones, 
it  seemed  like  a  no-brainer,”  says  Mullins, 
who  estimates  that  he  saved  about  $250 
per  employee  by  not  installing  hard 
phones.The  move  to  an  all-softphone  net¬ 
work  happened  when  the  company 
moved  from  offices  in  Indianapolis  to 
California. 

Instead  of  replacing  the  company’s  Avaya 
key  systems  in  the  main  office,  Mullins  put 
in  Sphere’s  Spherecall  IP  PBX  in  the  main 
office  and  installed  softphones  on  all 
employees’  desktops.  All  softphones  in  the 
main  office  and  branches  run  off  the  cen¬ 
tralized  Spherecall  server  over  a  VPN. 
Mullins  says  this  has  saved  the  firm  more 
than  $135,000  per  year  on  phone  changes 
and  equipment. 


The  use  of  VoIP  as  a  tool  for  reducing 
international  long-distance  charges  was 
outlined  by  John  Parsons,  manager  of 
Global  Telecommunications  Worldwide 
Information  Systems  at  Eastman  Kodak. 
Over  the  past  five  years,  Kodak  has  seen  its 
WAN  data  transport  increase  nine-fold. 
Meanwhile,  it  has  cut  its  international  tele¬ 
com  costs  five-fold. This  was  done  by  link¬ 
ing  more  than  50  Nortel  PBXs  in  Kodak’s 
largest  offices  in  the  U.S.,  Europe,  Latin 
America  and  Asia  over  a  Multi-protocol 
Label  Switch  (MPLS)-based  VPN  service, 
which  also  carries  all  the  company’s  data 
traffic. 

Kodak  chose  Singapore  Telecom  and 
AT&T  as  its  MPLS  VPN  carrier.  To  connect 
the  Nortel  PBXs  to  the  IP  network,  the 
devices  were  connected  to  Cisco  routers 
via  ISDN  links,  which  let  calls  flow  over  the 
MPLS-based  IP  network. 

Parsons  says  one  of  the  biggest  keys  in 
keeping  the  VoIP  network  running 
smoothly  has  more  to  do  with  carrier 
negotiations  and  less  with  technology. 

“MPLS  VPN  services  are  competitive,  but 
you  have  to  challenge  service  providers  on 
price,”  Parsons  says.  “You  have  to  beat  on 
your  service  providers  and  make  them  give 
you  the  service-level  agreements  that 
you’re  comfortable  with.  The  service-level 
agreements  they  offer  as  standard  are  not 
going  to  be  enough.”* 


Developing  a  device  that  connects  the  world.  Testing  the  water 
to  make  sure  it  stays  clean.  Discovering  a  cure  that  keeps  the 
world  safe.  They  all  require  the  same  thing:  the  right  tools. 


* 


V 


With  Agilent  we  make  sure  you  have  them.  Our  experience 
in  the  fields  of  electronics,  communications,  life  science 
and  chemical  analysis  gives  us  a  unique  perspective  shared 
by  no  other  company  in  the  world.  And  we  build  that  expertise 
into  every  product  we  make,  from  integrated  test  and 
measurement  solutions  to  advanced  technologies  and 
breakthrough  components. 

So  whether  you're  a  titan  of  industry  or  on  the  verge  of 
becoming  one,  trust  the  high-tech  toolmakers  at  Agilent. 
www.agiient.com  We'll  help  make  you  stronger. 

*•  •  •* 
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Mesh  networks  winning  converts 


■  BY  NETWORK  WORLD  STAFF 

Ignoring  the  crimson  tracery  of 
the  Golden  Gate  Bridge  soaring 
into  a  winter  sky;  Mickey  Griffin 
and  George  Lowry  peered  instead 
at  the  screen  of  a  notebook  with 
an  802. 1 1  b  wireless  LAN  card. 

The  California  Governors  Office 
of  Emergency  Services  employ¬ 
ees,  taking  part  in  a  trial  of  new 
wireless  mesh  technology  viewed 
live  video  of  one  of  the  bridges 
abutments  shot  by  a  wireless  IP 
camera  mounted  on  a  police 
patrol  boat. 

The  image  itself,  in  somewhat 
grainy  quarter-VGA  resolution, 
wasn’t  remarkable.  What  was 
impressive,  though,  is  that  the 
same  image  was  seen  at  the  same 
time  by  30  other  people  who 
were  stationed  at  various  points 
on  and  around  the  bridge. 

Using  traditional  wireline  and 
wireless  technology  to  achieve 
this  in  an  emergency  is  impossi¬ 
ble.  End  users  would  need  to  be 
mobile,  yet  installing  the  needed 
number  of  access  points  to  blan¬ 
ket  an  area  would  be  compli¬ 
cated  and  pricey  and  most  of  all, 
timeconsuming. 

“The  big  strength  of  wireless 
mesh  is  the  ability  to  put  it  up  and 
tear  it  down  very  quickly  says  Ab¬ 
ner  Germanow,  program  manager 
for  enterprise  networking  at  IDC. 

The  Golden  Gate  users  had 
devices  with  off-the-shelf  802.11b 
WLAN  cards  from  Proxim  or  3e 
Technologies  International  and 
an  early  version  of  wireless  mesh 
software  from  start-up  PacketHop. 

The  PacketHop  software  creates 
a  peer-to-peer  mesh  network: 
Each  wireless  client  becomes  a 
routing  node  that’s  aware  of  all  its 
neighbors  and  can  pass  data  and 
images  among  them.  The  range 
depends  on  what  kind  of  802.11 
radio  the  client  has,  radio  power 
levels  and  antenna  design:  per¬ 
haps  up  to  150  feet  or  more  for 
802.11a,  up  to  several  hundred 
feet  for  802. 1 1  b  or  802. 1 1  g.  Packet- 
Hop  plans  to  release  a  product  by 
year-end  and  has  not  set  pricing. 

Mesh  nets  use  complex  algo¬ 
rithms  for  automatic  discovery 
routing  and  fast  handoffs.  Nodes 
in  a  mesh  find  each  other  and 
can  route  around  failures  or  con¬ 
gestion.  Vendors  say  these  multi¬ 
ple  pathways  boost  the  reliability 
and  capacity  of  wireless  net¬ 
works.  There  is  no  single  point  of 
failure,  as  there  is  in  traditional 
hub-and-spoke  networks. 

Mesh  networks  minimize  the 


need  to  install  Ethernet  cable  and 
electrical  wiring,  which  are  the 
most  costly  and  time-consuming 
elements  of  WLAN  deployments. 

“Wireless  mesh  offers  enter¬ 
prises  a  way  to  get  around  the  big 
paradox  of  WLANs,  that  is,  they 
are  wired  [to  the  backbone]  ,”says 
Sarah  Kim,  a  wireless  market  ana¬ 
lyst  with  The  Yankee  Group. 

Obstacle  course 

One  obstacle  is  that  the  tech¬ 
nology,  which  has  been  used  in 
military  nets,  is  new  to  the  civilian 
market.  PacketHop  doesn’t  even 
have  a  commercial  product  yet. 

There  are  also  no  industry  stan¬ 


dards.The  IEEE  802.1 1  committee 
has  just  created  a  task  group  for 
forming  a  mesh  network  stan¬ 
dard.  A  final  standard  probably  is 
two  to  three  years  away 

IDC’s  Germanow  cautions  that 
one  of  the  classic  problems  in  a 
mesh  network  is  the  traffic  that 
the  networks’  auto-discovery 
mechanism  generates.“When  you 
get  into  a  large  number  of  nodes, 
then  the  routing  traffic  volumes 
can  take  over  with  all  the  nodes 
saying  ‘Here  I  am,”’ he  says. 

David  Thompson,  PacketHop’s 
vice  president  of  marketing,  says 
that  issue  is  handled  by  efficient 
algorithms  that  minimize  chatter. 
The  more  nodes  added,  the  more 
reliable  and  robust  the  mesh  net¬ 
work  becomes,  he  says. 

Vendors  also  handle  security 
differently.  MeshNetworks  has  a 
silicon  ASIC  chip  that  implements 
security  features;  at  a  higher  level, 
encryption,  RADIUS  authentica¬ 


tion  and  other  network  security 
features  run  unchanged.  Packet- 
Hop  incorporates  digital  certifi¬ 
cates:  Each  authorized  client  join¬ 
ing  the  mesh  presents  a  preprovi¬ 
sioned  encryption  key 

Many  start-ups,  including  BelAir, 
Firetide,  MeshNetworks,  Strix  Sys¬ 
tems  and  Tropos  Networks,  have 
wireless  mesh  products. 

BelAir  began  shipping  its  first 
product  in  March  and  announced 
a  low-end  model,  to  ship  in  July 
The  current  BelAir  200  looks  like  a 
small,  sleek  metal  barrel  that  typi¬ 
cally  mounts  on  a  utility  pole.  In¬ 
side  are  one  or  more  2.4-GHz  rad¬ 
ios  for  client  device  connections, 


just  like  any  other  802.1  lb  access 
point,  and  several  5-GHz  radios 
that  use  802.11a  to  create  a  54M 
bit/sec  wireless  mesh  network. 
Prices  range  from  $3,000  to  $9,000, 
depending  on  configuration. 

But  these  upstarts  will  soon  be 
joined  by  established  vendors. 

Nortel  says  it  will  start  volume 
shipments  in  midyear  of  a  WLAN 
mesh  access  point.  It  is  designed 
for  outdoor  use.  Clients  with  1 1M 
bit/sec  802.1  lb  adapters  will  con¬ 
nect  as  they  do  with  any  access 
point.  But  the  Nortel  devices  will 
connect  with  each  other,  in  a 
mesh  network,  over  a  separate 
54M  bit/sec  802.1  la  network. 

Two  companies  targeting  “car¬ 
peted”  sites  are  Strix  and  Firetide. 
Strix  typically  uses  an  802.11b 
radio  for  client  connections  and  a 
separate  802.11a  radio  to  create 
the  mesh  with  other  Strix  boxes. 
One  or  two  boxes  in  a  mesh  then 
plug  into  an  Ethernet  switch.  Firet- 


ide’s  boxes  have  one  radio  to  cre¬ 
ate  their  mesh,  but  several  Ether¬ 
net  ports  into  which  can  be  plug¬ 
ged  a  third-party  WLAN  access 
point,  a  printer  or  other  device. 

The  great  outdoors 

Most  mesh  action  is  taking 
place  outdoors,  in  municipal  and 
public  safety  wireless  networks. 

The  cities  of  Garland,  Texas,  and 
Medford,  Ore.,  are  replacing  19.2K 
bit/sec  Cellular  Digital  Packet 
Data  services  with  public  safety 
networks  based  on  MeshNet¬ 
works’  technology  Officials  expect 
to  see  200K  to  2M  bit/sec  through¬ 
put  over  the  mesh  network. 


City  officials  were  sold  on  the 
technology  after  riding  in  two 
vans  with  laptops,  flat-screen  TVs 
and  MeshNetworks’  client  adapt¬ 
ers, says  Darrell  McClanahan,  tele¬ 
com  manager  for  Garland.  At  60 
mph,  they  watched  streaming 
video  images,  pulled  down  map 
files  from  a  police  server  and 
made  push-to-talk  voice  calls 
between  the  vans. 

Medford  is  creating  a  24-square- 
mile  mesh,  also  with  MeshNet¬ 
works.  As  in  Garland,  the  mesh  is 
created  by  mounting  radios  on 
utility  poles  and  buildings.  About 
100  vehicles  will  have  a  mounting 
that  includes  the  MeshNetworks 
radio  and  an  Ethernet  interface 
for  locally  attaching  other  de¬ 
vices,  such  as  an  IP  camera  or  an 
802.11a  access  point.  The  radio 
lets  the  vehicles  create  their  own 
mesh  network  and  connect  to  the 
pole-mounted  radios  for  the  high- 
bandwidth  backhaul.  ■ 


Making  sense  of  this  mesh 

Mesh  technology  promises  to  bring  more  range  and  flexibility  to  wireless  nets. 


User  A  can  share  data  with  User  B  via  two  different  routes  through  User  B,  although  out  of  range  of  the  access  points,  has  two  routes 

the  mesh:  Software  on  User  A’s  PDA  picks  the  optimal  route.  through  the  mesh  to  reach  the  access  points  and  connect  to  the  server. 
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Artful  applications 


RFID  is  everywhere,  it  seems.  Here  are  a  few  recent 
implementations: 

Site:  Pima  County  Jail, Tucson,  Ariz. 

Purpose:  Prisoner  ID  and  officer  access. 

|  Technology:  Texas  Instruments  RFID  tags,  cards  and 
readers;  Precision  Dynamics  wristbands. 

Site:  Spanish  cattle  farmers  association  FEVEX,  Spain 
Purpose:  Electronic  ID  and  registration  of  cattle. 
Technology:  Philips  Semiconductors  RFID  chips; 
Sokymat  transponders;  Net  MtTelligent  readers. 

Site:  Boston  Marathon  route 
Purpose:  Tracking  runners'  progress. 

Technology:  ChampionChiptoken;Texas  Instruments 
RFID  chip. 

Site:  McCarran  Airport,  Las  Vegas 
Purpose:  Baggage  tracking. 

Technology:  Matrics  RFID  tags;  FKI  Logistex  systems 
integration. 

Site:  Seahawks  Stadium,  Seattle 
Purpose:  Select  concession  item  purchases. 
Technology:  Texas  Instruments  RFID  tags;  Smart 
SystemTechnologies'  PowerPay  readers. 

Site:  Colchester  Library,  Colchester,  England 
Purpose:  Tracking  books,  videos  and  CDs. 
Technology:  Philips  RFID  tags  and  readers;  Intellident 
systems  integration. 


RFID 

continued  from  page  1 

LAN  technology  If  a  child  wear¬ 
ing  a  wireless-enabled  wristband 
gets  lost,  parents  can  send  a  text 
message  to  an  application  called 
Kidspotter,  which  sends  a  return 
message  stating  the  name  and 
coordinates  of  the  area  of  the 
park  where  the  child  is  located. 

Word  of  the  Legoland  RFID 
implementation  started  spread¬ 
ing  last  week  —  right  about  the 
time  technology  bloggers  start¬ 
ed  yapping  about  an  RFID  hoax 
that  hooked  some  unsuspecting 
journalists. The  subject  of  the 
hoax  was  about  a  rifle  designed 
to  fire  RFID  chips  into  people  to 
track  them. 

The  idea  of  an  RFID  rifle  is 
crazy  but  there  are  some  pretty 
far-out  RFID  applications  in 
operation.  It’s  no  wonder  people 
are  getting  fooled.  RFID  chips 
for  tracking  penguins  in 
Antarctica?  True.  Tags  for  keep¬ 
ing  up  with  marathon  runners? 
True.Tags  embedded  in  new  $20 
bills?  Nope,  that’s  just  an  urban 
legend. 

Heightened  interest 

RFID  technology  has  been 
around  for  decades  —  in  World 
War  II  the  Allied  forces  used  it 
to  identify  friendly  aircraft.  So 
why  is  the  technology  getting  so 
much  attention  now?  In  a  word, 
Wal-Mart.  News  that  the  retail 
giant  is  using  RFID  technology 
to  track  products  as  they  pass 
through  the  supply  chain 


■  BY  JIM  DUFFY  AND  PHIL 
HOCHMUTH 


has  elevated  awareness  of  the 
technology. 

In  an  effort  to  reduce  shipping 
errors,  theft,  overstocks  and  out- 
of-stocks,  Wal-Mart  is  requiring 
its  top  suppliers  to  begin  ship¬ 
ping  RFID-tagged  cases  and  pal¬ 
lets  by  January  2005;  live  pilots 
began  last  week.  Other  influen¬ 
tial  buyers  —  including 
Albertsons, Target  and  the 
Department  of  Defense  —  have 
followed  suit,  fueling  an  explo¬ 
sion  of  spending  on  RFID  gear 
and  services. 

Research  firm  Venture 
Development  predicts  world¬ 
wide  spending  on  RFID  hard¬ 
ware  and  software  will  nearly 
double  from  $1.1  billion  in 
2003  to  $2.1  billion  in  2005, 
thanks  in  large  part  to  retailer 
mandates. 

While  the  retail  supply  chain 
is  the  most  visible  RFID  setting 
these  days,  it’s  by  no  means  the 
only  one.  Nor  is  it  the  first. 
“Supply  chain  as  an  RFID 
application  is  emerging,  but 
RFID  as  a  technology  sure  as 
hell  isn’t  emerging,”  says  Bill 
Liard,  RFID  program  director 
for  Venture  Development. 
“There  are  tons  of  other  RFID 
applications  that  are  making  a 
lot  of  money  already. The  possi¬ 
bilities  are  endless  . . .  that’s 
what  makes  it  so  exciting.” 

RFID  has  long  been  used  to 
track  livestock  —  an  application 
that  is  getting  a  lot  more  atten¬ 
tion  since  last  year’s  tainted  beef 
incident  in  the  U.S.  Department 
of  Agriculture  officials  are  just 


In  and  out 


beginning  work  on  a  five-year, 
$550  million  computerized  ani¬ 
mal-identification  system. 

“It  took  a  big  beef  scare  in  the 
United  States  for  us  to  realize 
we  need  to  track  our  animals  a 
little  better;”  Liard  says. 

The  challenge  is  expanding 
the  deployment  of  tracking  tech¬ 
nology  beyond  the  grazing  field 
and  into  store  shelves,  so  a  prod¬ 
uct  can  be  traced  back  to  a  spe¬ 
cific  animal,  if  necessary,  he 
says.“That’s  when  it  becomes 
interesting,”  Liard  says. 

The  healthcare  industry  has 
completely  embraced  RFID. The 
Food  and  Drug  Administration 
is  pushing  pharmaceutical  com¬ 
panies  and  distributors  to  begin 
tagging  products  by  2007  to 
combat  drug  counterfeiting. 
Within  hospitals,  RFID  is  used  to 
track  physical  assets,  such  as 
expensive  medical  equipment, 
and  organic  supplies. 

Massachusetts  General 
Hospital  in  Boston  is  looking  at 
RFID  as  a  way  to  make  sure 
blood  slated  for  transfusion  gets 
to  the  proper  patient.The  risk  of 
transfusion  of  blood  to  the 
wrong  patient  is  more  than  100 
times  greater  than  the  risk  of 
transmitting  an  infectious  dis¬ 
ease  through  a  blood  transfu¬ 
sion,  says  Walter  “Sunny”  Dzik, 
co-director  of  blood  transfusion 
service  at  the  hospital. 

The  hospital  is  working  with 
wristband  supplier  Precision 
Dynamics  and  software  maker 
Lattice  to  develop  an  RFID- 


based  solution  to  the  problem 
of  transfusion  error  in  operating 
rooms. 

On  a  less  life-threatening  note, 
NFL  superstar  Emmitt  Smith  is 
spearheading  a  campaign  to 
use  RFID  tags  to  authenticate 
sports  memorabilia  and  combat 
the  swell  of  counterfeit  memora¬ 
bilia  changing  hands  over 
venues  such  as  eBay.  Smith 
spoke  on  the  subject  at  an  event 
tied  to  last  month’s  RFID  World 
2004  conference  in  Denver. 

Texas  Instruments  is  working 
with  Smith  to  devise  a  way  to 
embed  an  RFID  transponder  in 
items  such  as  photographs  or 
jerseys  without  harming  the  arti¬ 
fact,  says  Bill  Allen,  marketing 
communications  manager  for 
the  RFID  division  of  Texas  Instru- 
ments.The  vendor  is  consider¬ 
ing  a  variation  of  a  transponder 
it  developed  for  tagging  rental 
uniforms  that  must  be  able  to 
withstand  exposure  to  industrial 
washings. 

People,  too 

RFID  is  not  just  for  tracking 
objects  and  animals.  In  a  move 
that  has  raised  the  hackles  of 
privacy  watchers,  Enterprise 
Charter  School  in  Buffalo,  N.Y., 
uses  RFID  to  automate  some 
attendance-related  functions. 
According  to  Gary  Stillman, 
director  of  the  422-student  K-8 
charter  school,  reports  of  the 
school’s  RFID  intentions  are 
greatly  exaggerated. 

“Some  people  claim  I’m  secret¬ 


ly  implanting  chips  under  their 
skin,  I’ve  been  labeled  the  devil,” 
he  says.“We’re  just  trying  to  find 
an  easy  way  of  keeping  track  of 
the  kids  in  the  morning.” 

Each  student  has  an  ID  card 
with  an  embedded  RFID  chip. 
Two  kiosks  manned  by  faculty 
members  are  located  at  the 
school’s  entrances.  When  a  stu¬ 
dent  is  within  18  to  24  inches  of 
the  system,  the  reader  activates 
the  RFID  chip  and  the  student’s 
photograph  is  displayed  on  the 
kiosk  screen  so  that  a  faculty 
member  can  confirm  the  stu¬ 
dent  carrying  the  ID  matches 
the  photo. 

“Our  mission  is  to  service  kids 
living  in  poverty  Stillman  says. 
“The  school  is  open  from  7  in 
the  morning  until  7  or  8  at  night, 
with  all  sorts  of  extra  program¬ 
ming  for  kids.  We  needed  to  get 
a  flexible  system  that  we  could 
use  to  take  attendance  at  differ¬ 
ent  times  of  the  day  if  we  want¬ 
ed  to  —  and  we’re  moving 
towards  that.” 

Enterprise  Charter  School  has 
spent  $25,000  on  the  system;  stu¬ 
dents’  ID  tags  cost  $3  each.  Right 
now  the  school  only  uses  RFID 
to  automate  attendance.  Its  next 
planned  project  is  to  install  an 
RFID  reader  in  the  cafeteria  to 
discretely  signal  to  cashiers 
whether  a  student  is  to  be 
charged  full  price,  a  reduced  fee 
or  no  charge  at  all. 

The  school  is  considering 
using  RFID  in  the  library,  but  the 
expense  of  tagging  every  book 
is  a  deterrent,  Stillman  says.  Like¬ 
wise,  he  would  consider  in¬ 
stalling  RFID  readers  at  building 
exits,  as  a  safety  precaution,  to 
monitor  students  who  leave  dur¬ 
ing  school  hours,  if  technology 
prices  come  down. “Maybe  in 
another  year  or  two,  that  would 
be  a  natural  progression  for  us. 
But  we’re  not  that  far  yet. 

Frankly,  it’s  just  a  function  of 
money’ he  says. 

While  there’s  been  some  criti¬ 
cism  of  the  school’s  RFID  rollout 
among  the  Internet  population 

—  several  Weblogs  contain 
strings  of  critical  commentary 

—  the  negativity  hasn’t  come 
from  school  families.  Enterprise 
Charter  School  took  care  to  out¬ 
line  its  RFID  plans  to  parents, 
and  they’ve  been  well  received, 
Stillman  says.“So  far  we  haven’t 
had  one  parent  even  question 
it.  Not  one.  Because  it’s  just  so 
simplistic.  We ’re  just  taking  atten¬ 
dance,”  he  says.  ■ 

Get  more  information  online. 
DocFinder:  1858 
www.nwfusion.com 


Nortel  customers  should  stay 
put  until  the  dust  settles  after  last 
week’s  ouster  of  CEO  Frank 
Dunn,  users  and  analysts  say. 

Nortel  as  a  company  is  not 
going  away,  observers  say.  The 
company  is  merely  cleaning  up 
its  management  ranks  while  it 
and  the  Securities  and  Exchange 
Commission  continue  investigat¬ 
ing  accounting  practices  that  are 
forcing  Nortel  to  restate  financial 
results  going  back  to  2000. 

“The  accounting  woes  do  not 
threaten  the  viability  of  the  com¬ 
pany’ analyst  Paul  Sagawa  of  Sanford  C.  Bernstein  wrote  in  the  invest¬ 
ment  research  firm’s  bulletin  about  the  Nortel  housecleaning. “Even 
with  [a]  lower  gross  margin  level,  Nortel  should  remain  profitable  in 

See  Nortel,  page  16 


Nortel  last  week  named  director 
William  Owens,  left,  to  replace 
Frank  Dunn,  who  was  fired  as 
CEO  amidst  investigations  into 
the  company’s  financial  results 
of  recent  years. 


CEO  Dunn's  done, 
but  what  of  Nortel? 
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HP  ProCurve  holds  the  number  2  position  in  the  market*  And  that’s  because  we  give  businesses  what 


they  need:  Secure,  mobile,  multiservice  networks  that  are  as  affordable  as  they  are  performance 
driven.  Standards-based  solutions  that  reduce  complexity  and  provide  scalable  growth.  A  lifetime 
warranty*’  software  updates,  phone  and  Web  support.  All  with  the  level  of  reliability  people  have 
come  to  expect  from  HP  When  businesses  demand  more,  HP  ProCurve  delivers. 
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•HP  ProCurve  Networking  is  number  2  in  port  shipments  for  2003  among  all  tracked  competitors  in  North  America,  Europe,  the  Middle  East  and  Africa  according  to 
Dell'Oro  Group's  Q4  '03  Ethernet  Switch  Report.  "For  as  long  as  you  own  the  product  (available  in  most  countries).  ©2004  Hewlett-Packard  Development  Company,  L.P.  ;. 
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Archivas  saves  vital  content 


■ 

PROFILE: 

ARCHIVAS 

Location: 

Waltham,  Mass. 

Founded: 

May  2003 

Primary  product: 

Archivas  Cluster  (ArC),  a  fixed-content  repository. 

Management: 

CEO  Andres  Rodriguez 

Funding: 

$6  million  from  Polaris  Venture  Partners  and  North  Bridge 
Venture  Partners. 

Fun  fact: 

Rodriguez  founded  Archivas  after  failing  to  find  a  digital  way  to 
archive  150  years  of  back  issues  while  CTO  at  The  New  York  Times. 

■  BY  DENI  CONNOR 

NEW  YORK  —  Andres  Rodriguez’s  old 
employer  is  known  for  publishing  “All  the 
news  that’s  fit  to  print.”  His  new  company, 
Archivas, has  been  formed  to  handle  all  the 
email  and  other  fixed  content  that’s  fit  to 
save. 

The  former  New  York  Times  CTO  founded 
Archivas  last  year  after  struggling  to  find  a 
good  way  to  digitally  store  150  years  worth 
of  back  issues  at  the  Times.  Archivas  is  get¬ 
ting  good  reviews  for  new  technology  that 
gives  users  a  way  to  conform  with  federal 
and  state  regulations  for  storing  email, 
medical  images  and  other  fixed  content. 

The  company  unveiled  its  primarily  soft- 
warebased  Archivas  Cluster  (ArC)  last 
week  at  the  Storage  Decisions  show  in  New 
York  City  The  ArC  software  is  distributed 
across  a  cluster  of  industry-standard  IBM, 
Penquin  or  Linux  Networx  servers.  It  will 
run  on  Dell  and  HP  systems  as  soon  as  cer¬ 
tification  takes  place. 

Curt  Tilmes,  system  engineer  at  the  NASA 
Goddard  Space  Science  Center  in  Green- 


belt,  Md.,  tested  a  beta  version  of  the 
Archivas  Cluster. 

“Archivas’  product  can  be  installed  on  a 
variety  of  platforms,  which  gives  me  lots  of 
flexibility  in  how  1  configure  my  clusters,” 
Tilmes  says.  “I  can  drop  the  cluster  in  and 
scale  it  to  very  large  amounts  of  storage.” 

When  a  user  stores  a  file,  the  ArC  software 
assigns  it  a  unique  metadata  reference, 
which  identifies  not  only  the  contents  of 


the  file  but  also  information  on  how  long  it 
needs  to  be  retained. The  file  then  is  stored 
on  an  available  disk  in  the  cluster.  The 
metadata  reference  is  stored  in  a  database, 
which  is  used  when  a  file  is  needed. 

Further,  administrators  can  create  rules 
that  dictate  the  movement  of  data  from 
disk  to  tape  or  the  elimination  of  duplicate 
files  to  reclaim  disk  space.  Rules  also  might 
be  created  that  balance  the  activity  of  the 
server  cluster. 

Archivas  is  not  without  competition  in 
this  market,  which  The  Yankee  Group  says 
will  be  worth  $1.3  billion  in  just  two  years. 
EMC  dominates  the  market  with  its  Centera 
product.  Others  in  the  market  are  Network 
Appliance  with  its  NearStore  and  Snap- 
Lock  offerings,  and  start-up  Permabit, 
whose  Permeon  technology  was  released 
last  fall. 

Peter  Gerr,  an  analyst  with  Enterprise 
Storage  Group,  says  Archivas’  ArC  and 
Permabit’s  product  differ  from  EMC’s 
Centera  in  that  the  software  is  available  sep¬ 
arate  from  the  hardware. 

“Centera  was  great  because  it  created  a 
new  market,” he  says.“The  market  has  quick¬ 
ly  shifted  though  from  purpose-built  sys¬ 
tems  to  software  that  is  disaggregated  from 
hardware.  Network  Appliance’s  SnapLock 
set  the  precedent  for  that.” 

ArC  can  catalog  Microsoft  Common 
Information  File  System,  Unix/Linux  Net¬ 
work  File  System,  HTTP  and  FTP  data. 

Rodriguez  estimates  that  ArC,  scheduled 
to  be  available  in  September,  will  cost  1 
cent  per  megabyte.  ■ 


More  online! 


Data  is  only  as  valuable  as  the  systems  you  use  to 
store  and  retrieve  it.  Learn  the  important  steps  in  pri¬ 
oritizing  and  managing  your  enterprisewide  data  in  our 
IT  Briefing  Webcast.  You'll  get  expert  insight  from 
Senior  Editor  Deni  Connor. 
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Nortel 

continued  from  page  14 

2004  and  positioned  to  benefit  from  the 
ongoing  —  and  in  our  view  sustainable 

—  improvement  in  the  overall  infrastruc¬ 
ture  spending  environment.” 

Bruce  Meyer,  director  of  network  ser¬ 
vices  at  Nortel  switch  customer  Pro- 
Medica  Healthcare  in  Toledo,  Ohio,  isn’t 
panicking. 

“How  Nortel  reports  its  profits  isn’t  as 
import  to  me  as  what  they  spend  on  R&D,” 
Meyer  says.  “As  long  as  their  technical 
commitment  is  there,  which  I  think  it  is,  I’ll 
be  comfortable.” 

He  says  he  might  have  a  different  opin¬ 
ion  if  his  situation  was  different. 

“If  I  were  starting  out  from  scratch  and  I 
saw  the  CEO  of  Nortel  was  just  fired,  I 
might  be  more  inclined  to  go  with  Cisco,” 
Meyers  says. 

Nortel  has  been  involved  in  an  ongoing 
independent  review  of  the  circumstances 
leading  to  the  reissuing  of  its  financial 
statements  for  2000, 2001  and  2002  and  for 
the  first  and  second  quarters  of  2003.  As  a 
result  of  those  investigations,  Dunn  was 
“terminated  for  cause,”  Nortel  said  last 
week. 

Former  CFO  Douglas  Beatty  and  former 
controller  Michael  Gollogly  —  both  of 
whom  were  suspended  by  the  company 
in  March  —  also  were  terminated  for 
cause.  Nortel  also  delayed  the  release  of 
its  financial  results  for  the  first  quarter  of 
the  year. 

“Everybody  wants  to  see  what  the  dirty 
laundry  is  before  they  do  anything,”  says 
Frank  Dzubeck,  president  of  consultancy 
Communications  Network  Architects.  “I 
don’t  see  any  concerns  about  bankruptcy 
or  change  of  direction.  Nortel’s  working 
on  new  routers  and  stuff  like  that.” 

Concentrate  on  enterprise  networks 

Industry  watchers  say  they  would  like  to 
see  Nortel’s  new  CEO  direct  the  company 
to  pay  more  attention  to  the  enterprise 
network  market. 

Dunn  lacked  the  “John  Chambers-like" 
vision  for  enterprise  networks,  says  Zeus 
Kerravala.an  analyst  at  The  Yankee  Group, 
referring  to  Cisco’s  CEO. 

“Nortel  itself  lacks  brand-name  recogni¬ 
tion  in  the  enterprise,”  he  says.Their  prod¬ 
ucts  —  Contivity  Alteon,  Meridian,  Norstar 

—  have  gotten  better  name  recognition 
than  Nortel  itself.” 

Nortel’s  enterprise  business  accounted 
for  22%  of  the  company’s  $2.83  billion  rev¬ 
enue  in  the  fourth  quarter  of  2003, 

William  Owens,  a  Nortel  director,  has 
replaced  Dunn.  Interim  CFO  William  Kerr 
and  controller  MaryAnne  Pahapill  have 
replaced  Beatty  and  Gollogly,  respectively, 
on  a  permanent  basis. 

As  part  of  its  restated  results,  Nortel  said 
it  expects  a  50%  reduction  in  2003  net 
earnings,  though  losses  in  previous  years 
won’t  be  as  bad  as  reported. 

IDG  News  Service  contributed  to  this 
story. 
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Symbol  toughens  up  tri-mode  wireless  handhelds 


■  BY  JOHN  COX 

Symbol  Technologies  has  introduced  two 
rugged  handhelds  that  can  work  with  three 
different  wireless  networks. 

The  latest  models  in  the  MC9000  series 
can  be  ordered  with  802.11b  wireless 
LAN  interfaces  or  short-range  Bluetooth 
interfaces,  or  both.  Both  radios  use  the 
2.4-GHz  band,  but  Symbol  designed  the 
products  so  the  radios  don’t  interfere 
with  each  other. 

An  internal  antenna  means  one  less  pro¬ 
trusion  that  can  be  broken  off  or  damaged. 

Also  available,  via  third-party  products, 
are  cellular  interfaces  to  use  Code  Division 
Multiple  Access  and  GSM/General  Packet 
Radio  Service  data  services.  Each  model 
can  have  all  three  wireless  interfaces 
installed. 

The  new  models,  the  MC9000-K  and  the 
MC9000-S,  were  designed  for  field  service, 
manufacturing,  direct-store  delivery  routes 
and  wholesale  distribution  applications. 

The  computers  have  an  Intel  Xscale 
400MHz  CPU,  which  runs  Windows  Mobile 


IBM  expands 
SMB  offerings 

■  BY  DENISE  DUBIE 

IBM  last  week  added  to  its  Express  line  of 
software  and  services  for  companies  with 
between  100  and  1,000  employees.  The 
new  offerings  target  remote  network  man¬ 
agement,  recovery  and  more. 

IBM  in  late  2002  launched  its  Express  line 
and  said  it  would  commit  $500  million  to 
delivering  products  to  the  small  and  mid¬ 
size  business  (SMB)  market. 

The  latest  Express  releases  include: 

•  IBM  Network  Operations  and  Manage¬ 
ment  Services:  IBM  remotely  monitors  cus¬ 
tomer  networks  for  network  performance, 
system  health  and  component  problems 
via  a  secure  connection.  Customers  view 
real-time  data  and  historical  reports 
through  a  secure  portal.  Pricing  depends 
on  service  and  customer  networks. 

•  IBM  Infrastructure  Recovery  Services: 
IBM  helps  customers  build  disaster-recov¬ 
ery  plans.  The  offering  entails  a  two-day 
consulting  workshop  and  provides  cus¬ 
tomers  with  a  pre-configured  eServer, 
iSeries  or  pSeries  system  for  temporary  use 
in  emergency  outages.  Pricing  depends  on 
service  and  customer  networks. 

•  IBM  Infrastructure  Management  Ex¬ 
press  Portfolio  Solution  for  iSeries:  IBM  says 
this  package  will  help  simplify  manage¬ 
ment  and  administration  of  IT  environ¬ 
ments  consisting  of  AS/400  and  Intel-based 
servers  running  AS/400  and  Windows  appli¬ 
cations.  It  combines  hardware, software  and 
services  based  on  an  IBM  eServer  iSeries 
800  Standard  or  Advanced  Edition  system. 
It  starts  at  $30,000.  ■ 


2003  or  CE.Net  operating  systems.  Users 
can  select  the  Symbol  ID  scan  engine  or 
the  SE  4400  Imaging  Engine  for  omni-direc¬ 
tional  reading  of  ID  or  2D  barcodes.The 


latter  also  can  capture  images. The  com¬ 
puters  typically  can  run  for  eight  hours. 

Pricing  varies  depending  on  the  options. 
One  variant,  with  802.11b,  64M  bytes  of 


RAM,  color  display  and  Windows  Mobile 
2003,  would  be  about  $2,900.  Bluetooth 
would  add  $150  and  a  GPRS  interface 
about  $600  more.  ■ 


NetworkWorld's 


Who  Wants 


to  be  an 


Entrepreneur  I 


Get  in  the  running  for  $30,000  in  cash  and  services 
with  Network  World’s  contest  for  IT  professionals. 

When  you  see  those  announcements  about  millions  of  dollars  in  venture  capital  being  awarded 
to  one  start-up  or  another,  have  you  ever  thought  to  yourself,  “Hey,  what  about  me?  What  about 
my  idea?”  After  all,  professionals  like  you  are  the  ones  who  know  what  products  and  services  are 
needed  to  solve  real-world  problems. 

Well,  now  is  your  chance.  Introducing  NetworkWorld’s  “Who 
Wants  to  be  an  Entrepreneur?”  contest,  which  will  recognize 
the  best  idea  for  a  new  product,  service  or  company.The  contest, 
developed  by  NetworkWorld  in  conjunction  with  Commonwealth 
Capital,  a  venture  capital  firm  in  Wellesley,  Mass.,  is  sponsored 
by  public  relations  firm  fama  PR  of  Cambridge,  Mass.,  service 
provider  Qwest  Communications  of  Denver  and  the  law  firm 
ofTesta,  Hurwitz  &Thibeault  LLP  of  Boston. 

We’ll  give  the  winner  a  jump-start  with  venture  capital 
exposure,  $30,000  in  cash  and  paid  in-kind  professional  services, 
coverage  in  Network  World,  and  a  chance  to  rub  elbows  with 
other  entrepreneurs  at  NetworkWorld’s  annual  Demo 
conference  and  exhibition  in  Scottsdale,  Ariz. 


So  do  you  want  to  be  an  entrepreneur?  Here’s  your  chance 
to  take  a  shot. 

SPONSORS 


Here’s  how  it  will  work: 

•  Entries  (available  at  www. 
nwfusion.com,  DocFinder:  1631) 
must  be  filled  out  and  returned 
by  midnight,  May  17. 

•  Judges  will  identify  three  to 
five  finalists.  Judges  include 
Network  World  editors  as  well 
as  representatives  from 
Commonwealth  Capital,  Gold 
Wire  Technology,  North  Bridge 
Venture  Partners,  Sigma 
Partners  andTesta,  Hurwitz  & 
Thibeault. 

•  The  winner  will  be  told  by  June 
21  and  announced  in  the  June 
28  issue  of  Network  World. 
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THE  SUMMIT®  400  -  THE  PEAK  OF  NETWORK  PERFORMANCE 


Extreme  Networks  is  revolutionizing  the  networking  industry  with 
the  highest  performance  Layer  3  10/100/1000  fixed  configuration 
edge  switch,  with  the  industry's  first  and  only  modular  10  gigabit 
uplink  option.  The  Summit  400,  designed  for  enterprise  networks 
deploying  gigabit  to  the  desktop,  enables  customers  to  fearlessly 
deploy  Gigabit  Ethernet  to  the  edge  today,  and  have  the  added  peace 
of  mind  that  they  can  fully  performance-enable  their  wiring  closet 
infrastructure  through  future  upgrades.  How’s  that  for  a  switch? 


GO  BEYOND 

WITH  EXTREME  NETWORKS 

Contact  Extreme  Networks  at 
1.888.257.3000  or  visit  us  on  the  web  at 

www.extremenetworks.com/go/sum400.htm 


©  2004  Extreme  Networks,  Inc.  All  Rights  Reserved. 
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Siemens  launches 
high-end  IP  PBX 


Lessons  from  leading  users 


ImSite: 

Opteron  servers  handle 
growth  of  Weather.com 


■  BY  PHIL  HOCHMUTH 

Siemens  this  week  is  launching  a  high- 
end  enterprise  IP  PBX  that  can  host  more 
than  100,000  IP  phones  from  a  single  data 
center. 

The  HiPath  8000  IP  PBX  is  targeted  at  very 
large  companies  that  want  to  consolidate 
VoIP  deployments  into  a  large  data  center. 
Users  and  experts  say  a  centrally  hosted  IP 
PBX  can  help  businesses  reduce  VoIP  oper¬ 
ational  costs. 

The  HiPath  8000  is  based  on  Siemens’ 
HiQ  8000  softswitch,  a  Session  Initiation 
Protocol  (SIP)  IP  phone  switch. The  box  is 
based  on  a  Linux  operating  system,  a 
change  for  Siemens,  which  until  now  has 
used  Unix  and  proprietary  operating  sys¬ 
tems  on  its  PBX  and  IP  PBX  platforms.The 
Linux  server  runs  call  control  and  signal¬ 
ing  applications  on  an  IBM  e-Series  server 
with  dual  Intel  Xeon  processors. 


■Takes 


■  Falconstor  launched  an  iSCSI 
storage  server  last  week  designed 
for  small  to  midsize  businesses,  and 
departments  or  workgroups  within 
large  companies.  The  iSCSI  Storage 
Server  is  software  that  runs  on  a 
Windows  Storage  Server  2003  net¬ 
work-attached  storage  appliance.  It 
uses  FalconStor's  IPStor  technology 
and  lets  NAS  appliances  from  EMC, 
Dell,  HP  and  others  attach  to  the 
Ethernet  network  via  the  iSCSI  trans¬ 
port  protocol.  An  iSCSI-enabled 
appliance  then  can  serve  up  file-  and 
block-level  services.  The  iSCSI 
Storage  Server  not  only  lets  those 
customers  centralize  and  consolidate 
their  storage,  but  also  gives  them  a 
platform  that  can  perform  replica¬ 
tion,  snapshot  and  other  storage 
applications.  It  supports  Microsoft’s 
Volume  Shadow  Copy  Service.  The 
iSCSI  Storage  Server  supports  iSCSI 
drivers  (initiators)  from  Microsoft  for 
Windows  2000,  Windows  Server  2003 
and  Windows  XP.  The  product  costs 
less  than  $2,000. 


Siemens  also  has  added  extensions  to 
SIP  to  let  the  HiPath  8000  support  all 
Siemens’  call  features  natively.  Previous 
Siemens  SIP  implementations  encapsul¬ 
ated  the  vendor’s  CorNetIP  VoIP  protocol 
inside  SIP  packets.  Some  industry  watch¬ 
ers  say  full  SIP  adoption  by  IP  PBX  ven¬ 
dors  has  been  slow  because  the  core  pro¬ 
tocol  supports  only  about  40  basic  call 
features.  PBX  systems  typically  offer  hun¬ 
dreds  of  features. 

Siemens  says  the  changes  it  has  made  to 
SIP  extend  most  of  Siemens’  call  features 
to  run  on  standard  SIP  endpoints. 
Siemens  says  any  standard  SIP  endpoint, 
such  as  phones  from  Cisco,  Pingtel  or 
Polycom,  can  work  on  the  system,  as  well 
as  standard  SIP  softphone  applications. 
Later  this  year,  the  company  says,  much  of 
the  work  it  did  on  SIP  will  be  sent  to  the 
IETF  as  a  contribution  to  the  development 
of  SIP 

The  HiPath  8000  is  targeted  at  a  small 
set  of  Fortune  100  customers  looking  to 
deploy  voice  as  a  centrally  hosted  appli¬ 
cation  from  a  data  center.  For  example, 
Siemens  says  that  IBM  is  testing  the 
HiPath  8000  for  migration  to  an  all-VoIP 
network,  where  more  than  900  PBXs  will 
be  collapsed  into  around  1 1  data  centers 
worldwide. 

Siemens’  move  to  pure  SIP  on  the  HiPath 
8000  could  be  attractive  to  some  very  large 
companies,  says  Brian  Riggs,  an  analyst 
with  Current  Analysis.  But  the  move  also 
might  cause  confusion  among  Siemens’ 
voice  customers. 

“Large  enterprises  are  going  to  have  to 
make  a  decision  as  to  which  [architec¬ 
ture]  they’re  going  to  take,”  Riggs  says. 
“This  sends  mixed  signals  to  enterprises 
about  what  to  do  in  terms  of  [VoIP]  pro¬ 
tocols.  [Siemens]  now  has  this  high-end 
[VoIP]  switch  that’s  supposedly  pure  SIP 
then  down  on  the  lower-tier  products 
they’re  still  selling  CorNetIP”  Siemens’ 
proprietary  VoIP  protocol. 

Proprietary  and  open  VoIP  protocols 
have  their  merits,  Riggs  says.  Proprietary 
protocols  let  businesses  have  more  fea¬ 
tures,  while  standards-based  options  prom¬ 
ise  vendor  interoperability  and  openness 
for  application  development. 

The  HiPath  8000  is  scheduled  to  be  avail¬ 
able  in  the  third  quarter,  at  a  price  of  about 
$200,000  for  the  hardware  and  software. 
Pbr-user  pricing,  including  phones  and 
licenses,  will  cost  about  $300.  ■ 


■  BY  JENNIFER  MEARS 

Traffic  to  Weather.com,  the  Inter¬ 
net  arm  of  cable  televisions  The 
Weather  Channel,  has  been 
snowballing,  as  the  company’s  man¬ 
agement  continues  to  push  for  more 
robust  and  customized  services. 

Those  facts  are  keeping  Dan  Agro¬ 
now,  the  Web  site’s  vice  president  of 
technology, on  his  toes  as  he  searches 
for  the  best  infrastructure  to  support 
the  content,  without  breaking  the 
bank. 

It’s  Agronow’s  never-ending  quest  for 
“the  best  price-performance”  that  led 
him  to  be  one  of  the  first  IT  executives 
to  deploy  32-/64-bit  Opteron  servers  to 
run  a  database  application.  Advanced 
Micro  Device’s  (AMD)  multi-platform 
chip  has  been  quick  to  take  off  in  the 
year  since  it  was  introduced,  but  in 
most  cases  servers  based  on  the 
microprocessor  have  made  their  way 
into  high-performance  computing  de¬ 
ployments,  not  into  corporate  data 
centers,  I  DC  researchers  say. 

According  to  IDC.the  number  of  Op¬ 
teron  servers  shipped  last  year  dou¬ 
bled  each  quarter,  with  some  35,000 

Sunny  skies 


Opteron-based  systems  shipping  in 
2003  after  AMD  introduced  the  chip 
on  April  22. Still,  that  represents  a  small 
fraction  of  the  x86  market,  which  Intel 
dominates. 

While  Opteron  is  now  being  targeted 
at  high-end  computing,  analysts  note 
that  when  IBM  became  the  first  major 
systems  vendor  to  roll  out  an  Opteron- 
based  server  last  summer  —  since 
then  HP  and  Sun  also  have  introduced 
Opteron  systems  —  it  targeted  the  box 
at  the  same  market.  It’s  those  IBM 
eServer  325  systems  that  Atlanta’s 
weather.com  now  is  using  to  run  its 
Oracle  8i  database. 

The  Opteron  servers  give  the  Web 
site  the  capacity  it  needs  to  deliver 
increasingly  customized  information, 
as  well  as  handle  spikes  during  severe 
weather  events.  The  site  averages  18 
million  unique  visitors  per  month,  but 
during  a  winter  storm  in  January,  for 
example,  about  7  million  unique  visi¬ 
tors  accessed  the  site  in  one  day.  In  the 
past  few  months,  the  number  of  visi¬ 
tors  has  been  higher  than  normal,  with 
about  25  million  visitors  in  March. 

Weather.com  continues  to  roll  out 
See  Weather.com,  page  21 


Weather.com,  the  online  arm  of  The  Weather  Channel,  relies  on 
standard  x86-based  systems  and  open  source  software  to  power  its 
fast-growing  site: 


O  A  Web  surfer  visits  weather.com  and  inputs  his  ZIP  code. 

©  The  open  source  Apache  Web  server,  running  on  dual-processor  Dell  1750  servers,  presents  the  front  end 
to  the  surfer. 

0  The  Web  server  sends  the  traffic  to  the  open  source  Tomcat  application  server,  also  running  on  Dell  servers. 

O  The  application  server  queries  the  Oracle  database,  running  on  Opteron-based  IBM  eServer  325  boxes, 
which  delivers  weather  information  according  to  the  surfer’s  profile. 

©  After  receiving  the  appropriate  information,  the  application  server  dynamically  builds  the  page,  which  is 
delivered  by  the  Web  server  to  the  end  user. 


□ 


I _ 


5/3/04 


Infrastructure 


www.nwfusion.com 


ill  appliance  on  tap  from  Check  Point 


To  protect  and  serve 


In  addition  to  securing  remote  links  between  Web  browsers  and  corporate 
servers,  Check  Point’s  Web  Intelligence  protects  Intel-based  servers  from 
malicious  executable  code. 


Remote  user 


Internet 


O  Incoming  remote-user  SSL 
traffic  contains  malicious 
executables  that  could 
compromise  corporate  servers. 


©  Web  Intelligence  software  discovers  the 
code,  runs  it  in  a  simulated  server 
environment  to  determine  if  it  is 
malicous  according  to  policies. 


©  Cleansed  traffic 
reaches  servers  to 
access  data  the 
user  requested. 


S  BY  TIM  GREENE 

Check  Point  is  corning  out  with  a  Secure 
Sockets  Layer  remote-access  appliance 
that  screens  for  malicious  code  that  might 
compromise  corporate  resources  being 
accessed  by  remote  users. 

Called  Connectra,  the  appliance  sits 
between  corporate  servers  and  the  Inter¬ 
net,  setting  up  SSL  sessions  with  remote 
computers  via  their  Web  browsers  and 
proxying  the  sessions  through  to  the 
servers.  This  remote-access  method,  also 
used  by  other  vendors,  is  generally  a  sim¬ 
pler  and  less-expensive  alternative  to  IPSec 
remote  access,  which  requires  installing  a 
client  on  the  remote  computer. 

Connectra  competes  with  SSL  products 
from  Aventail,  Cisco,  Juniper  (formerly 


More  online! 


There's  a  lot  to  know  about  how  SSL  VPNs  can  help 
you  offer  secure  remote  access  across  the  enterprise. 
For  the  latest  information  and  expert  insight, 
tune  in  to  our  IT  Briefing  Webcast  featuring 
Senior  Editor  Tim  Greene. 
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NetScreen  Technologies),  Nortel,  Whale 
Communications  and  others,  but  adds 
Web-filtering  capabilities  that  seek  mali¬ 
cious  executable  code  that  could  com¬ 
promise  data  on  corporate  servers. 

“Many  Web  applications  are  not  well 
coded  because  they  have  been  written 
quickly/  says  Phil  Schacter,  vice  president 
and  director  of  Burton  Group. “This  leaves 
them  vulnerable  to  buffer  overflows  and 
other  attacks  because  of  weaknesses  in  the 
applications.”  Other  vendors  such  as  Teros 
and  NetContinuum  sell  gear  designed  to 
specifically  handle  these  attacks. 

Check  Point  says  the  Malicious  Code 
Protector  feature  is  similar  to  what  F5 
Networks  does  on  its  FirePass  SSL  remote- 
access  appliances.  F5’s  Content  Inspection 
Engine  can  detect  buffer  overflow  and  SQL 
injection  attacks  and  filter  them,  the  com¬ 
pany  says.  Malicious  Code  Protector  works 
for  Intel-based  servers,  and  Check  Point  is 
working  on  support  for  Sun  servers,  the 
company  says. 

“I  doubt  it’s  the  same  level  of  attack  pro¬ 
tection  as  Teros  or  NetContinuum,”  says 
Michael  Suby,  an  analyst  with  Stratecast 
Partners.  “Nonetheless  it’s  more  protection 
than  you’ll  get  from  other  SSL  VPN  ven¬ 
dors.”  Plus  remote  users  must  authenticate 
to  the  Connectra  box,  so  the  machines  are 
“semi-trusted”  and  less  likely  to  be  the 
source  of  attack,  he  says. 

Connectra  also  includes  software  that 
gives  remote  users  who  connect  via  an 
application-layer,  browser-based  SSL  ses¬ 


sion  the  ability  to  access  corporate  net¬ 
works  at  Layer  3. To  do  this  requires  down¬ 
loading  an  ActiveX  agent  that  Check  Point 
calls  SSL  Network  Extender,  which  is  simi¬ 
lar  to  agents  other  vendors  including 
Aventail,  F5  and  Juniper  offer. 

SSL  Network  Extender  and  Web  Intel¬ 
ligence  software  can  be  bought  separately 
to  be  deployed  with  Check  Point’s  existing 
VPN-l/Firewall-1  software. 

With  Connectra,  Check  Point  is  including 
technology  that  scans  the  remote  machine 
making  the  SSL  connection  to  make  sure 
the  machine  is  secure.  Check  Point 
acquired  the  scanning  software  when  it 
bought  Zone  Labs,  which  called  the  soft¬ 
ware  Integrity  The  Adaptive  Endpoint 


Security  software,  which  must  be  loaded 
on  the  remote  machine,  scans  for  mali¬ 
cious  code  such  as  spyware  and  keystroke 
loggers.  Based  on  what  it  finds,  Connectra 
can  adjust  the  user’s  access  rights. 

Endpoint  security  lacks  cache  cleaning 
that  wipes  out  caches  and  files  on  the 
remote  machine  at  the  end  of  a  session,  a 
feature  other  vendors  have,  Suby  says. 

Connectra,  which  will  be  available  in 
three  configurations,  is  scheduled  to  be 
available  in  June,  and  SSL  Network  Ex¬ 
tender  is  slated  for  July  Pricing  has  not 
been  set.  Web  Intelligence  software  pric¬ 
ing  ranges  from  $5,000  to  $20,000 
depending  on  how  many  Web  servers  it  is 
protecting.  ■ 
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site  ■  Lessons  from  Leading  Users 

Weather.com 

continued  from  page  19 

customized  services,  meaning  more 
database  queries.  In  April,  for  example,  it 
began  offering  customized  home  pages 
so  that  visitors  could  view  weather  for  up 
to  10  cities  and  for  specific  dates  when 
they  log  on  to  the  Web  site. 

“It’s  important  for  us  to  make  sure  we 
have  the  capacity  to  deliver  all  of  the  rel¬ 
evant  information  and  not  just  when 
there  is  a  severe  weather  event,”  Agronow 
says.“We  want  to  make  sure  that  everyone 
can  get  their  weather  any  time.” 

He  concedes  that  he  was  a  bit  cautious 
before  deciding  to  put  the  eServer  325 
systems  into  production  earlier  this  year 
because  it  was  a  new  platform  from  AMD, 
which  is  not  typically  considered  an 
enterprise  server  chip  maker. 

“At  that  time  we  wanted  to  test  a  variety 
of  platforms  from  different  vendors  and 
to  us  it’s  important  that  we  can  see  it  in 
production.  IBM  let  us  have  [an  Opteron] 
unit  that  we  actually  put  in  production  so 
we  could  do  an  apples-to-apples  compar¬ 
ison, "Agronow  says. 

He  liked  what  he  saw. 

“Here  was  a  two-way  [Opteron  server], 
and  it  performed  at  about  25%  higher 
capacity  than  the  four-way  IBM  [Intel 
Pentium  III  Xeon],”  Agronow  says.“There’s 
a  significant  price  difference  between  a 
four-way  and  a  dual  CPU  server” 

He  wouldn’t  be  specific  about  savings. 


Agronow  is  currently  only  using  the  32- 
bit  capabilities  of  the  Opteron  box,  but 
says  that  the  transition  to  64-bit  comput¬ 
ing  —  when  applications  demand  it  — 
will  be  easy.  That’s  because  the  Opteron 
chip  is  built  on  the  same  x86  architecture 
that  runs  32-bit  applications.  Intel’s  64-bit 
Itanium,  on  the  other  hand,  requires  that 
software  be  rewritten  to  take  the  great¬ 
est  advantage  of  the  64-bit  platform. 

“Itanium  is  a  whole  different  archi¬ 
tecture,  so  you  have  to  weigh  that  into 
the  price/performance  equation,” says 
Agronow,  who  notes  that  so  far  he  has¬ 
n’t  seen  any  compelling  reason  to 
move  to  Itanium.  “But  that’s  why  the 
Intel  64-bit  extensions  are  very  inter¬ 
esting.” 

Earlier  this  year,  Intel  announced  that 
it  too  would  roll  out  64-bit  extension 
technology  for  its  x86  processors,  with 
the  first  32-/64-bit  Xeon  chip  expected  to 
be  introduced  in  the  next  few  months. HR 
IBM  and  Dell  have  all  said  they  will  ship 
servers  based  on  the  processor,  code 
named  Nocona. 

“It  gives  us  another  option,”  Agronow 
says.“Any  time  there  are  multiple  options 
and  multiple  vendors,  it  helps  to  drive  the 
price  down,  and  I’m  pretty  much  focused 
on  cost.” 

He’s  also  focused  on  performance. 
Today,  Agronow  is  testing  a  number  of  Op- 
teron-based  systems  from  vendors  such 
as  HP  and  Rackable  Systems  as  he  pre¬ 
pares  to  migrate  his  MySQL  open  source 
database  to  a  64-bit  environment.  While 
the  Oracle  database  handles  most  of  the 
data  associated  with  the  Web  site,  the 


MySQL  database, currently  on  a  Dell  1750 
platform,  handles  information  for  weath- 
er.com’s  Desktop  Weather.  This  service 
delivers  continuous  weather  information, 
including  hourly  temperatures  and 
weather  alerts  directly  to  subscribers’ 
desktops. 

“All  the  queries  for  that  application, 


which  is  really  taking  off,  come  off  of 
MySQL,”  he  says  “We  think  there  are  other 
applications  where  bigger  caches  and 
the  better  memory  latency  are  going  to 
help  the  performance  and  capacity  of 
our  applications.  So  we’re  looking  at 
[Opteron  and  Intel’s  Extended  Memory 
64  Technology]  for  different  areas.” 

For  weather.com,  Opteron  and  Intel’s 
EM64T  (which  will  be  incorporated  into 
Nocona)  are  a  logical  next  step  in  its 
effort  to  cut  costs  and  boost  performance 
by  running  standards-based  hardware 
and  open  source  software,  which  gives 
Agronow  the  flexibility  to  switch  vendors 
and  take  advantage  of  better  prices.  Four 
years  ago  things  looked  very  different  in 
weather.com’s  data  center:  It  was  100% 
Sun  and  Solaris. 


When  the  Sun  equipment  lease  ex¬ 
pired,  Agronow  transitioned  the  data  cen¬ 
ter  to  IBM  xSeries  servers  running  SuSE 
Linux,  and  cut  his  IT  bill  by  about  two- 
thirds  in  the  process.  Late  last  year,  he 
took  advantage  of  the  expiring  IBM  lease 
and  moved  to  dual-processor  Dell  1750 
servers,  cutting  costs  even  more.  He 
wouldn’t  say  how  much  was  saved. 

Also  in  the  past  few  years,  Agro¬ 
now  began  transitioning  all  of  his 
commercial  software  to  open 
source  products,  moving  from  Net¬ 
Scape  Enterprise  to  the  Apache  Web 
server  and  from  the  WebSphere 
application  server  to  Tomcat. 

This  year,  the  big  project  is  to 
migrate  off  of  the  Oracle  database, 
which  handles  most  of  the  data  for 
the  Web  site,  to  MySQL. 

‘As  long  as  you  have  a  good  staff,  and  1 
have  an  excellent  staff,  it  is  amazingly  not 
difficult  to  move  to  open  source,”  he  says. 
“When  I  talk  with  my  peers,  one  thing  that 
surprises  me  is  that  they  are  concerned 
about  going  to  open  source.  I’ve  already 
done  it.  I  didn’t  find  it  risky  There  were  no 
major  showstoppers  or  gotchas  that 
occurred.  If  you’re  willing  to  do  the  right 
due  diligence  and  test  your  applications, 
run  them  in  production  —  and  the  same 
thing  goes  for  bringing  in  a  new  platform 
like  the  Opteron  —  then  the  transition 
can  be  very  smooth.”  ■ 

Servers 
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*  *  Any  time  there  are  multiple 
options  and  multiple  vendors,  it 
helps  to  drive  the  price  down,  and 
I'm  pretty  much  focused  on  cost" 

Dan  Agronow 

Vice  president  of  technology,  Weather.com 
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When  business  losses  are  measured  in  seconds, 
preemption  beats  “ reaction "  every  time. 


The  only  effective  security  is  preemption.  This  preemptive  power  is  only  available  with  the  Proventia'"  Security  Platform  from  Internet 
Security  Systems.  When  software  security  flaws  are  discovered,  Internet  Security  Systems’  world-renowned  research  team  updates  Proventia 
to  immediately  shield  against  any  attacks  targeting  weak  spots.  Regardless  of  the  size  of  your  business,  this  new  standard  in  Internet 
security  can  help  keep  you  off  the  path  to  disaster  and  reduce  your  total  cost  of  ownership  -  In  fact,  when  we  manage  Proventia  for  you, 

we’ll  even  guarantee  protection.  Need  proof?  Get  your  free  whitepaper,  Preemptive  Protection:  Setting  a  New  Standard  in  Security,  at 
www.iss.net/proof/whitepaper  or  call  800-776-2362. 
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Too  many  ‘chicken  luddles'  spoil  the  soup 


Let  me  add  my  voice  to  the  small,  but 
vocal,  chorus  who  can’t  understand 
why  Google’s  proposed  Gmail  has 
raised  such  a  ruckus  among  those  who 
least  understand  it.  Google,  you  might 


remember,  proposes  giving  each  sub¬ 
scriber  to  the  free  service  1000M  bytes  of 
storage  in  return  for  the  ability  to  show 
targeted  advertising  along  with  the  mail. 
The  bottom  line  is,  if  you  don’t  want 


The  reason  the  world's  leading  companies 
rely  on  Equant  for  their  global  communications 


Your  business  communications  can't  be 
left  to  chance.  Fortunately,  there's  a 
provider  with  the  track  record  to  inspire 
your  confidence.  An  innovator  with  over  5  years 
experience  using  convergence-ready  MPLS 
technology  that  powers  business  solutions 
for  over  1100  companies.  A  provider  trusted 
by  the  world's  leading  companies. 

That  provider  is  Equant. 

Seamless.  And  that  trust  doesn't  stop  at 
any  border  -  because  Equant  is  everywhere. 
With  people  in  165  offices,  a  seamless  global 
network  that  covers  220  countries  and 
territories,  and  supported  locally  in  the  local 
language.  Our  customized  communication 
solutions  can  enable  your  key  business 
processes  wherever  you  want  to  do  business  - 
including  emerging  markets  like  India  and  China. 
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Stable.  What's  more,  you  can  trust  us 
to  deliver  real  results  for  business  critical  needs. 
Solid  financials  and  steady  growth,  on  both 
client  list  and  balance  sheet.  But  don't  take 
our  word  for  it;  analysts  have  praised  Equant's 
solutions  for  global  businesses  for  years. 

Demonstrating  business  value.  And  that's 
how  we'll  earn  your  trust  -  by  understanding 
your  business  before  talking  technology. 

Our  approach  is  consultative,  not  hard-sell; 
our  people  build  relationships  by  demonstrating 
business  value  with  the  more  than  80  proven 
Equant  products  and  solutions.  We'd  like 
to  start  proving  ourselves  to  you  today. 

Go  to  the  link  below  and  see  why  Equant 
is  worthy  of  your  trust. 

ivuiui.equant.com/usa 
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advertising,  then  don’t  sign  up  for  the  ser¬ 
vice. 

Yet  even  supposedly  tech-sawy  state 
legislators  in  the  Silicon  Valley  appear  to 
see  Gmail  as  the  biggest  threat  facing  the 
human  race.  State  Sen.  Liz  Figueroa,  who 
represents  the  high-tech  Interstate  880 
corridor  north  of  San  Jose,  has  intro¬ 
duced  legislation  banning  Gmail-like 
activity.  “This  bill  would  prohibit  a 
provider  of  e-mail  or  instant  messaging 
services,  as  defined,  that  serves  California 
customers,  from  reviewing  or  evaluating 
the  content  of  a  customer’s  e-mail  or 
instant  messages”  says  SB.  1822.  But  to 
show  it’s  only  targeted  at  potential  adver¬ 
tising  content,  the  bill  includes  this  para¬ 
graph: 

“This  section  does  not  prevent  a 
provider  of  e-mail  or  instant  messaging 
services  to  California  customers  from  fil¬ 
tering  unsolicited  e-mail  for  removing 
spam  or  for  managing  computer  viruses 
or  other  malicious  programs.” 

Always  at  work  in  politics,  though,  is  the 
law  of  unintended  consequences.  Look  at 
that  paragraph  again.  It  says  it’s  OK  to 
apply  a  spam  filter  to  “unsolicited  e-mail” 
—  but  you  don’t  know  that  it  is  unsolicit¬ 
ed  until  the  spam  filter  scans  it!  Logically, 
then,  Figueroa’s  bill  would  ban  all  anti¬ 
spam  and  anti-virus  software!  And  all 
because  a  few  of  the  “chicken  luddles”  (a 
person  or  persons  whose  unwarranted 
warnings  of  impending  disaster  have  the 
effect  of  thwarting  the  spread  of  good  and 
necessary  technology,  see  http://shorter 
link.com/?LWVMJL)  think  that  civilization 
as  we  know  it  will  fall  if  Google  is  allowed 
to  present  advertising  to  you  that  you 
might  be  interested  in  seeing. 

It  might  be  possible,  after  expending 
great  amounts  of  time  and  money,  to  craft 
a  law  that  would  ban  Gmail’s  practices 
and  only  Gmail’s  practices.  Then,  after 
years  spent  winding  its  way  through  the 
court  system,  the  law  might  (or  might  not) 
go  into  effect.  Considering  the  huge 
deficits  that  the  U.S.and  California  are  fac¬ 
ing,  though,  simply  allowing  those  who 
like  the  Gmail  idea  to  opt-in  and  those 
who  don’t  to  opt-out  seems  like  a  much 
saner  idea. 

Kearns ,  a  former  network  administrator,  is 
a  freelance  writer  and  consultant  in  Silicon 
Valley.  He  can  be  reached  at  wired@ 
vquill.com. 


The  law  of  unintended  con¬ 
sequences  is  a  natural  law 
(like  Murphy's  Law),  not  one 
passed  by  a  legislature. 

Head  to  http://shorterlink. 
com/?GORGXN  for  a  look  at 
some  of  its  effects. 
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WHEN’S  THE  LAST  TIME  you  gave  your  communications 

network  a  thorough  physical?  With  Avaya  Global  Services, 

you  don’t  have  to  because  we  do.  We  can  cost-effectively 

diagnose  and  treat  potential  problems  across  your 

entire  network  before  they  can  interrupt  your  business. 

Almost  as  if  your  network  healed  itself.  When  alarms 

do  occur,  we  use  EXPERT  Systemss“  proactive  tools  to 

diagnose  and  treat  96%  of  them  remotely.*  Avaya 

Global  Services  is  a  global  leader  in  IP  telephony  and 

PBX  maintenance.  Our  professionals  are  trained  and 

certified  to  work  in  all  kinds  of  multi-vendor, 

multi-technology  networks.  So  whatever  shape  your 

network's  in,  we'll  take  care  of  you  the  whole  way. 

And  we  promise  it  won’t  hurt  a  bit.  Visit  us  at 

avaya.com/doctor  or  call  866-GO  AVAYA. 
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YOUR  BODY 

gets  checked  every  year. 

YOUR  CAR 

gets  cheeked  every  3,000  mile&. 

YOUR  ENTIRE  NETWORK 

gets  checked  ail  day,  every  day 
by  Avaya  Global  Services. 
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The  right  management  can  put  you  in  control  of  your  infrastructure, 
not  the  other  way  around. 


Unicenter  Infrastructure  Management  Software 

So  long,  mayhem.  Managing  on-demand  computing  is  here.  Unicenter  infrastructure  management  software  lets  you  take  control 
of  your  infrastructure  so  you  can  be  more  responsive  to  business.  With  automation  and  self-healing  capabilities  Unicenter  can 
help  control  costs  and  empower  you  to  do  more  with  less.  Unicenter  also  lets  your  infrastructure  react  to  changes  in  real  time, 
so  your  IT  and  business  priorities  are  always  in  sync.  Finally,  it  is  based  upon  a  service-oriented  architecture  that  simplifies 
your  IT  environment,  so  your  infrastructure  is  easier  to  manage.  To  learn  how  to  get  more  value  out  of  your  infrastructure, 
or  to  get  a  white  paper,  go  to  ca.com/infrastructure. 
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B2B  acquisitions  highlight  data  quality 


■  BY  ANN  BEDNARZ 

Three  vendors  with  roots  in  business- 
to-business  integration  have  snapped  up 
data  synchronization  specialists  in 
recent  weeks,  highlighting  the  growing 
importance  of  data  quality  in  electronic 
transactions. 

Global  Exchange  Services  (GXS)  started 


the  trend  by  acquiring  Haht  Commerce, 
which  makes  product  information  man¬ 
agement  software,  in  a  $30  million  deal 
completed  in  February  Then  last  month, 
IBM  completed  its  purchase  of  a  Haht 
competitor,  Trigo  Technologies,  for  an 
undisclosed  amount.  Most  recently  Sterling 
Commerce  acquired  TR2,  a  privately  held 
company  that  offers  hosted  data  synchro¬ 


nization  services,  for  an  undisclosed 
amount. 

GXS,  IBM  and  Sterling  share  a  history  of 
providing  network  services  for  business-to- 
business  e-commerce  via  value-added  net¬ 
works  and  related  transaction  delivery  net¬ 
works.  Analysts  say  it  makes  sense  for  ven¬ 
dors  of  trading-partner  integration  services 
to  add  tools  for  managing  enterprise  data 


IPolicy  releases  multifunction  firewall 


■  BY  ELLEN  MESSMER 

Security  vendor  iPolicy  Networks  this 
week  unveiled  a  multifunction  VPN/fire¬ 
wall  that  can  let  customers  block  viruses, 
spam  and  Web  access  either  at  the  Internet 
perimeter  or  inside  the  corporate  LAN  as  a 
partition. 

The  ipEnforcer  appliance,  which  comes 
with  the  Unified  Security  Manager  (USM) 
Console,  can  run  the  Network  Associates 
McAfee  anti-virus  and  SurfControl  content¬ 
filtering  software.  It’s  intended  for  use  in 
organizations  with  up  to  500  employees. 

The  USM  Console  software,  which  runs 


Takes 

■  Microsoft  last  week  said  it  acquired 
privately  held  ActiveViews  to  improve 
its  business  intelligence  offerings. 
ActiveViews  developed  a  query  and 
reporting  system  that  Microsoft  plans 
to  add  to  its  SQL  Server  Reporting 
Services.  The  technology  lets  end 
users  access  business  data  stored  in 
databases  and  create  and  modify 
reports.  Financial  details  of  the  acquisi¬ 
tion  were  not  disclosed.  The  Active- 
Views  technology  will  be  part  of  a 
future  release  of  SQL  Server  Reporting 
Services,  but  Microsoft  could  not  say  if 
it  would  be  part  of  SOL  Server  2005 
Reporting  Services. 

■  Open  Text  this  month  plans  to 

launch  Livelink  Web  Content  Man¬ 
agement  Server,  its  first  integrated, 
enterprise  content  management  soft- 


The  iPolicy  Networks  ipEnforcer  is  a 
multifunction  firewall  that  also  sup¬ 
ports  VPN,  anti-spam,  anti-virus  and 
Web  filtering. 

on  Windows  or  Solaris,  can  manage 
approximately  1,000  of  the  ipEnforcer 
appliances  from  a  central  location, control¬ 
ling  employee  access  to  the  Web  and  mon¬ 
itoring  employee  use  of  the  network.  The 


ware  since  acquiring  document-imag¬ 
ing  and  content-archiving  vendor  IXOS 
and  content  management  provider 
Gauss.  The  server  brings  together 
team  collaboration,  document  manage¬ 
ment,  records  management,  process 
workflows  and  other  enterprise  content 
management  capabilities.  Open  Text 
this  fall  will  integrate  features  for  man¬ 
aging,  tracking  and  storing  e-mail.  The 
company  also  is  expected  to  add  con¬ 
tent  archiving  for  Livelink.  Pricing  for 
the  server  was  not  announced. 

■  PKWare  last  week  announced 

SecureZIP  for  Windows  8.0,  desk 
top  software  that  can  enforce  require¬ 
ments  for  encryption-based  signing 
and  data  compression,  based  on  cor¬ 
porate  security  policies.  The  software 
costs  $100  per  seat,  with  lower  prices 
based  on  volume.  PKWare  also 
announced  PKZIP  8.0  for  Windows, 
$34.95- per-seat  software  for  enforcing 
ZIP-based  compression  on  e-mail  and 
other  files. 


company  says  the  appliance  also  can 
block  denial-of-service  attacks. 

Each  ipEnforcer  appliance,  which  can 
reach  speeds  of  10M  to  400M  bit/sec,  can 
support  200,000  simultaneous  sessions, 
which  is  now  the  average  among  midrange 
firewalls.  The  security  start-up  also  has  a 
high-end  5G  bit/sec  version  of  the  ip¬ 
Enforcer  appliance  it  shipped  last  year,  but 
that  box  is  aimed  at  ISPs  to  provide  anti¬ 
virus  and  anti-spam  services. 

Formed  in  2000  by  its  CTO  Pankaj  Perekh, 
formerly  senior  engineering  manager  at  In¬ 
tel  for  development  of  Pentium  II  desktop 
and  server  products,  iFblicy  now  has  140 
employees  and  has  received  $46  million  in 
venture  capital  from  Clearstone  Venture 
Partners,  Dali,  Hook  Partners  and  WK 
Technology  Fund. 

Richard  Stiennon,  an  analyst  with 
Gartner,  says  iFblicy  “single-pass  inspection 
engine”that  lets  multiple  security  functions 
block  malicious  traffic  is  designed  to  be 
able  to  adapt  quickly  to  new  security  tech¬ 
nologies.  IFblicy  two  weeks  ago  got  a  boost 
from  Gartner  by  winning  a  place  in  the 
research  firm’s  “2004  Enterprise  Firewall 
Magic  Quadrant”  report,  an  annual  look  at 
this  industry  segment.  The  research  firm 
awarded  iPolicy  a  spot  in  the  “visionary” 
category  which  also  included  Network 
Associates,  TippingPoint  Technologies, 
NetContinuum,  Teros,  Whale  Commun¬ 
ications,  MagniFire  WebSystems  and  Top 
Layer  Networks. 

The  ipEnforcer  with  USM  Console  ranges 
in  price  from  $15,000  to  $50,000,  depend¬ 
ing  on  security  functions  selected  to  run 
on  each  appliance.  ■ 


Security 
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integration  to  their  offerings. 

For  users,  the  combination  means  one 
vendor  source  for  their  global  data  syn¬ 
chronization  efforts,  Gartner  says.  Pre¬ 
viously  users  needed  two  different  types  of 
products  to  handle  data  synchronization: 
tools  to  manage  data  integration  among 
different  systems  within  the  enterprise  and 
technology  to  synchronize  that  data  with 
trading  partners,  the  research  firm  says. 

Before  the  Haht  purchase,  GXS  offered 
hosted  services  for  trading  partner  inte¬ 
gration,  and  hosted  catalog  services.  What 
it  didn’t  have  was  the  software  deployed 
inside  an  enterprise  to  aggregate  product 
information.  The  Haht  acquisition  adds 
licensed  product  information  manage¬ 
ment  software  to  GXS’  product  portfolio. 

Sterling  had  a  family  of  licensed  integra¬ 
tion  broker  software;  TR2  adds  hosted  data 
synchronization  services  to  its  lineup.  For 
IBM,  the  Trigo  acquisition  adds  product 
information  management  capabilities  to  its 
WebSphere  family  of  integration  middle¬ 
ware. 

Keeping  data  clean 

Data  synchronization  is  an  initiative  com¬ 
mon  to  consumer  goods  and  retail  compa¬ 
nies.  It  involves  reconciling  the  product 
data  that  gets  swapped  among  companies 
to  reduce  errors  in  invoicing,  purchase 
orders  and  product  delivery 

Analysts  say  retailers  and  suppliers  are 
wasting  money  swapping  obsolete  or  inac¬ 
curate  data  in  business-to-business  transac¬ 
tions.  According  to  Ernst  &  Young,  adminis¬ 
trative  and  paperwork  errors  are  responsi¬ 
ble  for  13%  of  the  $46  billion  retailers 
could  lose  annually  to  inventory  inefficien¬ 
cies  and  theft. 

AMR  Research  identifies  costly  problems 
caused  by  unsynchronized  item  data: 

•  About  30%  of  items  are  typically  out  of 
sync;  fixing  errors  can  cost  $60  to  $80  per 
item. 

•  Mismatched  data  means  incomplete 
deliveries.  Nearly  40%  of  invoices  result  in 
deductions. 

•  Unsynchronized  data  can  result  in 
delays  of  up  to  four  weeks  in  new  product 
introductions. 

•  Inaccurate  orders  need  to  be  reworked 
manually  forcing  costs  up  seven-fold  and 
adding  five  days  processing  time. 

Investing  in  data  synchronization  tech¬ 
nology  can  eliminate  these  problems,  AMR 
says. 


See  B2B,  page  26 
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■  guess  it  was  too  good  a  story  to  get 
right.The  press  widely  reported  recent¬ 
ly  that  security  geek  Paul  Watson  dis¬ 
covered  a  previously  unknown  way  to 
cause  catastrophic  disruptions  of  the 
Internet  with  only  a  few  seconds  of  effort. 

According  to  some  reports,  an  attacker 
could  bring  down  a  peering  connection 
between  ISPs  by  sending  as  few  as  four 
packets. While  the  story  was  a  good  one, the 
reality  turned  out  to  be  more  mundane. 

The  furor  started  when  the  English 
National  Infrastructure  Security  Co-ordi¬ 
nation  Centre  published  a  “Vulnerability 
Advisory”  describing  how  an  attacker 
could  terminate  established  TCP  connec¬ 
tions  between  two  Internet  hosts  (see 


Resetting  the  Internet? 


www.nwfusion.com,  DocFinder  1832). 
The  attack  can  be  used  against  any 
longish-lived  TCP  sessions  but  the  most 
interesting  are  those  supporting  the  inter- 
ISP  Border  Gateway  Protocol  (BGP).  If  a 
BGP  session  gets  terminated,  all  of  the 
Internet  destinations  that  one  ISP  had 
learned  from  another  could  become 
unreachable.  If  determined  attackers 
went  after  the  major  ISPs,  large  chunks  of 
the  Internet  could  just  disappear. 

The  basic  problem  had  been  known  for  a 
very  long  time.  Under  normal  circum¬ 
stances  the  host  on  one  end  of  a  TCP  ses¬ 
sion  sends  the  host  on  the  other  end  a  TCP 
packet  containing  a  reset  (called  RST)  flag 
when  a  session  is  to  be  terminated.  An 
attacker  could  send  the  host  at  one  end  of 
a  TCP  session  such  a  packet  with  the 
forged  source  address  of  the  host  at  the 
other  end,  which  would  cause  the  first  host 
to  terminate  the  session.  The  original  TCP 
specification  limits  the  ease  of  this  attack 
by  requiring  that  the  TCP  packet  contain¬ 


ing  the  RST  include  a  sequence  number 
within  a  specific  range,  called  a  window. 

Wilson  figured  out  that  guessing  a 
sequence  number  within  the  window  was 
a  lot  easier  than  previously  thought.  Under 
some  widely  unrealistic  scenarios  it  could 
take  as  little  as  four  guesses.  Under  more 
realistic  scenarios, such  as  those  present  in 
BGP  sessions  between  ISPs,  it  takes  up  to 
260,000  guesses.  Of  course,  some  in  the 
press  used  the  four-guess  number  because 
it  made  a  better  story 

The  attack  and  some  quite  easy  ways  to 
tweak  TCP  software  to  reduce  the  attack 
possibility  to  almost  zero  can  be  found  in 
an  IETF  Internet-Draft  published  a  few  days 
before  the  Vulnerability  Advisory  was  pub¬ 
lished  (see  DocFinder:  1833). 

Many  vendors  already  have  released  soft¬ 
ware  updates  to  deal  with  the  issue. There 
are  a  number  of  network  design  and  filter¬ 
ing  methods  to  limit  the  possibility  of  an 
attacker  being  able  to  get  packets  to  the  ISP 
routers  (see  Cisco’s  report  at  DocFinder: 
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1834). In  addition, most  routers  used  in  ISPs 
have  been  able  to  support  cryptographic 
protection  on  their  BGP  links  for  a  number 
of  years  (see  RFC  2385  at  DocFinder:  1835). 
Far  too  few  ISPs  have  been  using  such  pro¬ 
tection  even  though  the  federal  cybersecu¬ 
rity  folks  pushed  heavily  for  it  a  few  years 
ago. 

By  the  time  you  read  this  many  more  ISPs 
will  be  using  it. 

This  turned  out  not  to  be  the  Internet- 
killer  bug  and  I  don’t  expect  to  see  any 
easy-to-exploit  way  to  take  down  the  whole 
’Net.  But  it’s  still  a  good  idea  to  be  paranoid 
in  network  design  and  be  ready  to  react 
quickly  to  new  exploitable  vulnerabilities. 

Disclaimer:  Most  people  at  Harvard  are 
about  as  far  from  paranoid  as  one  could 
be,  so  the  above  request  for  paranoia  is 
mine  and  not  the  university’s. 

Bradner  is  a  consultant  with  Harvard  Uni¬ 
versity's  University  Information  Systems.  He 
can  be  reached  at  sob@sobco.com. 


Internal  data  comes  first 

More  than  80%  of  consumer  goods  companies  are  actively  engaged  in  data  synchro¬ 
nization  efforts,  according  to  a  Grocery  Manufacturers  of  America  study.  Taking  those 
efforts  global  is  far  less  common,  according  to  the  association. 

Consumer  goods  companies  are  working  on  a  variety  of  data  synchronization  activities . . . 


I  I  ► 


45% 

Implementing  global  synchronization 
capabilities  inside  their  organizations. 


31% 

Working  on 
data  cleansing. 


29% 

Running  global  synchronization 
pilots  with  one  or  more  customers. 


17% 

Tackling  process  and 
system  design  efforts. 


...  but  few  have  taken  their  efforts  beyond  corporate  borders. 


Average  number  of  trading  partners  involved  in  companies’  data 
synchronization  pilots:  1 

Average  number  of  trading  partners  involved  in  companies’  operational  data 
synchronization  projects:  2 
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Data  synchronization  software 
aggregates  and  organizes  item- 
related  data  from  multiple  appli¬ 
cation  sources.  It’s  often  used  in 
conjunction  with  data  syndica¬ 
tion  initiatives  such  as  UCCnet 
compliance.  UCCnet  is  a  nonprof¬ 
it  organization  that  manages  an 
item  registry  for  companies’  prod¬ 
uct  data.  Its  services  let  compa¬ 
nies  register  and  synchronize 
item  and  partner  information  in  a 
neutral,  central  location. 

How  it  works 

The  way  it  works  is  suppliers 
provide  product,  location  and 
trading  partner  information  to  the 
UCCnet  registry  UCCnet  data  syn¬ 
chronization  services  then  check 
the  data  for  compliance  to  stan¬ 
dards  and  validate  that  the  data  is 
consistent  with  that  other  trading 
partners  use.  If  a  party  makes 
changes  to  any  of  the  150-plus 
possible  attributes  describing  a 
product,  UCCnet  makes  sure  all 
systems  are  aware  of  the  change. 

Retailers  such  as  Wal-Mart, 
Wegmans,  Ace  Hardware,  Lowe’s 
and  The  Home  Depot  are  requir¬ 
ing  their  suppliers  to  begin 
exchanging  data  via  UCCnet’s 
data  synchronization  standards 
and  hub. 

These  retailers’  initiative  led 
Central  Garden  &  Pet  Company 
to  launch  its  own  UCCnet  data- 
synchronization  efforts,  says 
Stephen  Levandowski,  CTO  at 
the  Lafayette, Calif.,  manufacturer 
and  distributor  of  garden  and  pet 
products. 


A  $1.2  billion  company  Central 
Garden  &  Pet  has  grown  by  acqui¬ 
sition  and  operates  25  business 
units,  Levandowski  says.  Histor¬ 
ically  the  company  has  decentral¬ 
ized  its  IT  operations;  each  busi¬ 
ness  unit  runs  its  own  business 
systems. 

But  when  Central  Garden  &  Ret 
faced  UCCnet  directives  from  sev¬ 
eral  key  retailers  —  most  of  which 
buy  goods  from  more  than  one  of 
its  subsidiaries  —  it  decided  to 
act  globally 

“We  learned  at  least  20  of  our 
customers  were  going  in  this 
direction,”  Levandowski  says.That 
kind  of  triggered  us  to  step  back 
and  say,  ‘Does  it  make  sense  to 
address  this  25  different  ways  in 


each  of  our  business  units,  or 
should  we  be  looking  to  leverage 
a  common  approach?’” 

Central  Garden  &  Pet  chose  pro¬ 
duct  information  management 
software  from  Haht,  before  GXS 
acquired  the  vendor.  It  uses  the 
Haht  software  to  organize  data 
from  its  25  business  units  before 
submitting  it  via  file  transfer  to  the 
UCCnet  registry. 

So  far  Central  Garden  &  Pet  is 
not  very  sophisticated  in  its 
UCCnet  connections.  But  as  the 
number  of  products  being  fed 
through  UCCnet  grows,  the  com¬ 
pany  plans  to  implement  a  more 
mature  integration  service,  Levan¬ 
dowski  says.  GXS’  purchase  of 
Haht  makes  it  a  logical  place  to 


turn  for  UCCnet  connectivity 

“Right  now  our  priority  is  to 
meet  these  immediate  registra¬ 
tion  and  certification  steps,”  Lev¬ 
andowski  says.“But  once  we  have 
the  infrastructure  in  place,  we  def¬ 
initely  would  consider  using  GXS 
for  connectivity’ 

The  RFID  connection 

Data  synchronization  also  has 
relevance  beyond  UCCnet  com¬ 
pliance.  Getting  data  into  a  stan¬ 
dard  format  is  a  prerequisite  for 
more  advanced  e-commerce  ini¬ 
tiatives,  such  as  vendor-managed 
inventory  and  collaborative  plan¬ 
ning,  forecasting  and  replenish¬ 
ment. 

Radio  frequency  identification 


(RFID)  projects,  too,  require  sta¬ 
ble,  accurate  data  sources  to  suc¬ 
ceed,  observers  say  As  suppliers 
begin  to  tag  pallets  and  cases 
with  wireless  RFID  labels  and 
supply-chain  systems  begin 
tracking  the  movement  of  these 
tagged  goods,  the  amount  of  data 
the  trading  partners  exchange 
will  grow  exponentially,  says 
Bobby  Patrick,  senior  vice  presi¬ 
dent  and  chief  marketing  officer 
at  GXS. 

“RFID  will  require  moving  infor¬ 
mation  faster  and  in  much  higher 
volumes,”  Patrick  says.  “In  a  real¬ 
time  world,  the  ripple  effects  of 
data  that  has  not  been  cleaned 
will  be  severe.” 

Levandowski  agrees.  The  work 
Central  Garden  &  Pet  has  done  to 
synchronize  its  data  for  UCCnet 
participation  will  make  it  easier 
to  begin  participating  in  RFID 
pilots  with  its  retailer  customers 
—  many  of  which  are  mandating 
the  use  of  RFID  tags  on  cases  and 
pallets. 

“Technically  we’ll  have  built  the 
database  and  the  processes  for 
characterizing  all  of  the  products 
that  we  sell  to  these  customers, 
and  we’ll  have  built  it  in  an  indus¬ 
try-standard  way  Levandowski 
says.This  means  we  won’t  have  to 
rebuild  and  recertify  all  these 
items  as  we  get  into  implement¬ 
ing  RFID.”B 
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You  can  now  unleash  greater  server  performance  even  as  you  rein  in  spending.  Our  new  HP  ProLiant  DL145  server  turns  up  the  dial  on  32-bit  performance, 
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1  PCI-X  64-bit/133MHz  slot 
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Freeware  and  shareware  help  monitor  nets 


■  BY  DENISE  DUBIE 

In  many  cases,  the  best  things  in  life  are  free  —  and 
when  it  comes  to  software  applications  that  can  help 
protect  and  manage  networks,  and  improve  perfor¬ 
mance  —  freeware  and  shareware  can  be  a  blessing  for 
network  executives  on  a  tight  budget. 

Freeware  and  shareware  applications  remain  a  staple  in 
many  network  managers’  toolboxes. Take  ping.This  free 
utility  has  been  ported  to  major  operating  systems,  includ¬ 
ing  Unix  variants  and  Windows.The  small  utility  has  been 
around  since  1983.  Its  task  is  simple:  establish  if  devices 
can  be  reached  over  the  network.  It’s  usefulness  is  critical. 

Here’s  a  look  at  some  tools  that  can  help  round  out 
your  management  toolbox  at  little  to  no  charge. 

Expand  Accelerator 

Expand  Networks,  a  data-compression  vendor,  recently 
made  available  from  its  Web  site  a  free  download  of  soft¬ 
ware  that  can  evaluate  WAN  network  performance,  pin¬ 
point  trouble  spots  and  show  network  managers  where 
improvements  can  be  made. 

Expand  Accelerator  runs  on  a  standard  Windows  PC, 
and  requires  users  to  plug  the  PC  into  a  network  hub  or 
mirrored  switch  port.  Once  installed,  the  application  can 
provide  information  about  applications  running  on  the 
WAN.  Expand  also  includes  a  graph  that  shows  how 
much  better  the  network  would  perform  if  the  traffic  was 
being  compressed  by  one  of  the  company’s  commercial 
products. 

Jason  Meurer  says  the  download  required  a  minor  con¬ 
figuration  change  to  his  switch,  but  after  that  it  offered 
him  insight  into  application  top  talkers,  network  bottle 
necks  and  other  WAN  latency  issues.The  systems  engi¬ 
neer  at  K.Hovnanian  Companies,  a  national  home 
builder  based  in  Red  Bank,  N.J.,says  he  typically  doesn’t 
put  money  down  for  software  until  he  is  satisfied  it  will 
perform  as  he  expects. 

“Mainly  we  purchase  more  robust  products,  but  1  like  to 
get  some  insight  into  how  they  work  first,  and  free  pre 
grams  can  do  that,”  he  says.  Mostly  a  sales  tool  for  the  ven¬ 
dor,  he  says  the  monitoring  software  gave  him  the  infor¬ 
mation  he  needed  to  go  ahead  and  put  the  commercial 
Expand  product  in  his  budget  plans.  And  in  the  mean¬ 
time,  he  is  going  to  use  the  freeware  to  keep  updated  on 
his  WAN  application  traffic. 

“I  haven’t  been  able  to  buy  the  robust  software  yet,  but  1 
am  still  getting  the  benefits  from  the  free  version,”  he  says. 

Peer  Monitor 

London-based  independent  software  programmer 
Daniel  Clarke  drafted  Peer  Monitor,  a  ping-based  network 
freeware  program,  for  his  personal  use  in  2001. The  entire 
process  was  “fun,"  he  writes  on  the  download  site,  and 
with  a  little  help  from  his  friends  he  can  maintain  and 
update  the  software. 

“It  was  needed  in  a  home  network  where  Microsoft 
Internet  Connection  Sharing  was  used  to  share  a  single 
dial-up.  We  needed  to  see  if  the  gateway  computer  was 
turned  on,  whether  the  connection  was  open,  and  who  (if 
anyone)  was  left  computing  (so  someone  would  not  dis¬ 
connect  the  modem  if  there  was  another  user  still  possi- 


Old  favorites 

New  freeware  applications  emerge  all  the  time, 
but  network  managers  still  won't  give  up  the 
originals. 

What  it’s  called:  Big  Brother 
What  it  does:  Monitors  systems  using  scripts  on 
remote  servers  tracking  disk  space,  CPU  usage  and 
services.  It  sends  the  data  to  a  central  location,  which 
network  manages  can  access  via  the  Web. 

Where  to  get  it:  http://bb4.com/download.html 

What  it’s  called:  MRTG 

What  it  does:Tracks  traffic  load  on  network  links  and 
collects  data  from  routers  via  SNMP.  It  also  displays 
the  data  in  a  graph  on  a  Web  page,  and  can  save  the 
data  to  show  trends  for  a  week,  month  or  year. 

Where  to  get  it:  http://people.ee.ethz.ch/~oetiker/web 
tools  /  mrtg  /mrtg.html 

What  it’s  called:TCPdump 

What  it  does:  Prints  out  the  headers  of  packets  that 
go  through  the  computer's  network  interface  and 
network  managers  can  filter  out  the  specific  packets 
for  which  they’re  looking,  either  by  protocol  orT CP  port 
number. 

Where  to  get  it:  http://vvv.it.kth.se/edu/gru/lnternet 
/tcpdump.html 

What  it’s  called: Tripwire 

What  it  does:  Determines  if  any  protected  files  have 
been  altered,  by  watching  for  unauthorized  changes  and 
alerts  network  managers  via  e-mail  when  suspicious 
activities  occur. 

Where  to  get  it:  http://www.tripwire.org/downloads 
/index.php 


Download  directions 

Use  these  links  to  try  these  freeware 
applications  in  your  network. 

Program:  Expand  Accelerator 
Link:  www.expand.com/monitor 

Program:  Peer  Monitor 

Link:  http://danielclarke.com/peermonitor/ 

Program:  Visual  Route 

Link:  www.visualware.com/personal/products/visual 
route/index.html 

Program:  Jabber 
Link:  www.jabber.org 


bly  surfing),”  he  explains. 

Once  installed  on  a  PC,  network  users  must  configure 
which  hosts  to  monitor  for  access  and  connectivity,  and 
how  to  be  alerted  (for  example,  by  e-mail)  if  a  host  is  not 
available.That  means  network  managers  can  write  rules 
into  the  software  and  set  thresholds.The  software  pings 
hosts  using  Internet  Control  Messaging  Protocol,  and  then 
displays  results  with  a  color-coded  graph  that  indicates 


the  status  and  the  severity  of  the  host. 

The  program  has  help  built-in,  and  lets  users  post  a  sup¬ 
port  call  via  e-mail  or  to  the  Peer  Monitor  forum  directly 
from  the  program  interface. 

VisualRoute 

Combining  a  series  of  famous  freeware  applications, 
Visualware’s  Visual  Route  is  a  graphical  traceroute,  ping 
and  whois  utility  that  analyzes  Internet  connectivity 
problems. 

The  software  is  downloaded  onto  a  PC  and  is  available 
for  Windows,  Solaris,  Linux,  FreeBSD  and  Macintosh  plat¬ 
forms.  It  can  track  hops  between  IP  addresses  and  track 
connectivity  Traceroute  results  are  displayed  in  a  table 
and  world  map  via  a  Web-based  interface. VisualRoute 
processes  all  IP  hops  in  parallel,  and  supports  Loose 
Source  Route  (LSRR)  information  for  advanced  debug¬ 
ging.  LSRR  is  an  option  in  the  IP  header  that  lets  network 
managers  specify  a  collection  of  nodes  that  the  packet 
must  traverse  before  reaching  the  destination. 

An  optional  add-on,  the  VisualRoute  Server  package  lets 
customers  install  VisualRoute  on  a  central  server  and  have 
external  users  access  VisualRoute  through  a  Java-enabled 
Web  browser. VisualRoute  Server  can  be  installed  on  a 
server  outside  a  firewall,  which  gives  network  managers  in¬ 
side  the  firewall  the  ability  to  see  traceroute  information. 

Downloads  are  available  in  Windows,  Unix  and  Mac¬ 
intosh  versions,  and  can  be  used  free  for  15  days.  A  single- 
user  license  of  VisualRoute  Personal  Edition  will  cost 
about  $20  after  the  free  trial  period. 

Jabber 

When  Rick  Sant  Angelo  wanted  an  easy  way  to  control 
and  secure  an  instant-messaging  platform,  he  looked  for 
an  open  source  product.The  senior  network  engineer  at 
Cricket  Technologies,  a  Reston,Va.,  provider  of  electronic 
data-discovery  tools  for  litigation  customers,  says  an 
open  source  product  from  Jabber  Software  Foundation 
met  his  needs. 

“In  our  field,  we  work  with  a  lot  of  customer  data  that 
has  to  be  kept  completely  secure,"  he  says. “This  is  sensi¬ 
tive  information  that  hasn’t  gone  public  yet,  so  we  can’t 
take  any  risks.” 

Sant  Angelo  says  the  Jabber  1M  platform  provided  him 
with  the  features  he  needed  at  no  cost.  Jabber  is  a  set  of 
streaming  XML  protocols  and  technologies  that  let  any 
two  entities  on  the  Internet  exchange  messages,  presence 
and  other  structured  information  in  close  to  real  time. The 
first  Jabber  application  is  an  IM  network  that  offers  func¬ 
tionality  similar  to  that  of  legacy  IM  services  such  as  AOL 
Instant  Messenger,  MSN  and  Yahoo. 

With  Jabber,  users  install  clients  and  servers,  and  the 
program  supports  multiple  platforms.  Users  can  tap  into 
a  centralized  Jabber  server  via  a  client  on  their  desktop, 
or  they  can  set  up  a  client  and  server  to  manage  their 
Jabber  platform.  It’s  also  secure  in  that  Jabber  servers 
can  be  isolated  from  the  public  Jabber  network. 

Sant  Angelo  says  organizations  that  provide  freeware 
“do  a  great  service  to  the  IT  industry. You  need  to  have 
some  expertise  to  use  open  source  tools,  but  they  give 
you  the  opportunity  to  test  things  on  your  network  with¬ 
out  making  a  big  investment.” ■ 
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Scrverlron  when  it  comes  to  Layer  4-7  load  balancing,  there  is  no  summit! 
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for  server  scalability  with  one  accomplishment  after  another.  Server! ron  switches  protect 
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We  make  any  service  provider  network 
more  efficient. 
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r  Calculation  Procedure  to  Determine 
Congestion  Levels  for  PMO  and  FMO 

1  Calculate  carried  loed  from  RTs 

2  Calculate  P(b)  for  all  DCLUs.  IDCUs.  ONUs 

3  Calculate  P(b)  for  all  AlUs  and  LUs 

4  Calculate  carded  load  for  all  Interface  unite  In  a  RSM 

5  Calculate  P(b)  for  RSMc 

6  Repeat  for  all  RSMs 
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Together,  Lucent  Worldwide  Services  and  Bell  Labs  bring  you  unrivaled  networking  expertise  and  intelligent  tools 
to  help  you  get  more  out  of  your  network.  Recently,  we  used  our  Network  Optimization  Capacity  Management 
Service  to  help  a  service  provider  improve  service  levels  and  eliminate  blocked  calls.  We  even  showed  them 
how  to  optimize  their  existing  assets  at  eight  network  sites  to  save  millions  of  dollars  in  operating  costs.  See 
how  we  can  make  your  network  more  productive,  more  reliable,  and  more  secure  than  it  is  today  at 
www.lucent.com/lws. 
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MCI  strengthens  security  services 


A  secure  plan 

MCI  says  it’s  serious  about  security,  it’s  backing  that  up  with  a  series 
of  new  and  enhanced  services. 


Service 

Technology 

platform 

Monthly  price 

Availability 

Managed  Firewall 
Enterprise* 

Cisco  PIX  or 
NetScreen  firewall 

$1,250  to  $3,095 

May 

Managed  Firewall 
Office* 

Cisco  PIX  or 
NetScreen  firewall 

$600  to  $1,275 

May 

Managed  Firewall 
Solo 

Cisco  PIX  or 
NetScreen  firewall 

$300  to  $375 

May 

Managed  Firewall 
Solo 

Check  Point 
firewall 

Not  available 

June 

Managed  Firewall 
ExtranetVPN 

Not  applicable 

$150,  plus  $500  setup 
fee 

May 

Managed  Intrusion 
Prevention 

ISS  RealSecure  or 
NetScreen  IDP 

Not  available 

May 

Managed  PKI 

VeriSign 

60  cents  to  $5  per 
user,  plus  $13,000  to 
$100,000  set-up  fee 

May 

Managed  E-mail 
Content  Service 

MessageLabs 

98  cents  to  $2.70  per 
user,  plus  $80  per 
domain  setup  fee 

May 

"Service  previously  was  available  with  Check  Point  firewall  only. 


■  BY  DENISE  PAPPALARDO 

Fresh  out  of  bankruptcy,  MCI  last  week 
introduced  a  slew  of  services  that  the  car¬ 
rier  says  show  it  is  getting  increasingly  seri¬ 
ous  about  security 

The  offerings,  which  range  from  intrusion 
protection  to  e-mail  filtering,  add  to  new 
Secure  Sockets  Layer  VPN  and  denial-of- 
service  (DoS)  protection  services  aired  by 
MCI  over  the  past  two  months  (www.nwfu 
sion.com,  DocFinders:  1837  and  1838). 

“I’m  impressed  with  the  road  map  they 
have  provided  in  terms  of  breadth  of  the 
offerings,”  says  Michael  Suby,  an  analyst  at 
Stratecast  Partners.  “MCI  has  a  lot  of  work 
ahead  of  it  post-bankruptcy,  but  putting  its 
effort  toward  managed  security  services  is 
a  smart  move.” 

New  offerings  include  the  Managed 
Intrusion  Prevention  service,  which  lets 
customers  deploy  an  Internet  Security 
Systems  (ISS)  RealSecure  or  NetScreen 
Technologies  Intrusion  Detection  and 
Prevention  device.  The  devices  can  be 
used  to  warn  about  attacks  or  to  miti¬ 
gate  them,  such  as  by  making  a  change 
to  a  firewall  to  block  traffic  from  a  spe¬ 
cific  port. 

MCI  also  now  offers  network  vulnerabil¬ 
ity  scanning  through  ISS.  Previously  the 


■  Calient  a  maker  of  photonic 
switching  systems  and  software,  has 
announced  $15  million  in  new  funding. 
That  amount  adds  to  $20  million  previ¬ 
ously  announced  in  fourth-round  fund¬ 
ing.  New  investors  Wall  Street  Tech¬ 
nology  Partners  and  DuPont  Capital 
Management  have  joined  other  in¬ 
vestors  Enterprise  Partners  Venture 
Capital,  TeleSoft  Partners  and  Sof in¬ 
nova  Ventures.  Overall,  Calient  has 
collected  $285  million  in  venture  fund¬ 
ing.  The  new  funds  will  be  used  to 
expand  the  company's  operations  and 
marketing.  The  company  has  had 
most  of  its  success  in  Asia,  with  pay¬ 
ing  customers  such  as  Japan  Telecom 
and  KDDI.  Calient  is  in  trials  with 
other  Asian  and  U.S.  carriers,  a 
spokeswoman  says. 


carrier  only  bundled  this  service  with  its 
Managed  Firewall  offering. 

On  the  e-mail  security  front,  MCI  is 
teaming  with  MessageLabs  to  offer  the 
Managed  E-mail  Content  Service.  Users 
can  redirect  their  e-mail  servers  to 
MessageLab’s  data  centers,  where  mes¬ 
sages  are  scanned  for  viruses  or  spam 
before  they  hit  a  customer’s  network. 
MessageLabs  runs  anti-virus  engines 
from  CyberSoft,  F-Secure,  MessageLabs 
and  Network  Associates.  All  infected  e- 
mail  is  quarantined  with  notices  sent 
out  to  recipient,  sender  and  network 
administrator. 

Sprint  has  offered  a  similar  service  with 
FrontBridge  for  the  past  18  months.  Last 
week  they  forged  a  broader  marketing  deal. 

MCI  also  offers  a  Managed  PKI  service 
that’s  primarily  supported  by  VeriSign, 
which  supplies  digital  certificates  to  users 
and  then  authenticates  them  before 
allowing  access  to  a  corporate  network. 

MCI  is  expanding  its  managed  firewall 
services  next  month  by  adding  support 
for  Cisco  PIX  and  NetScreen  firewalls.  MCI 
has  offered  only  Check  Point  firewall  sup¬ 
port  up  until  now.  MCI  also  has  developed 
the  Managed  Firewall  Office  service  for 
small  and  midsize  businesses  and 
Managed  Firewall  Solo  for  individual 
business  users. 

Separately  MCI  is  testing  tools  that  will 


■  BY  JIM  DUFFY 

Start-up  Packet  Design  last  week  un¬ 
veiled  technology  designed  to  help  service 
providers  maintain  IP  service  uptime  for 
their  enterprise  customers. 

The  company’s  Border  Gateway  Protocol 
(BGP)  root-cause  analysis  technology  is 
intended  to  determine  which  single  rout¬ 
ing  event  is  the  source  of  millions  of  others 
in  service  provider  networks. 

BGP  used  by  virtually  all  service  pro¬ 
viders  and  many  large  enterprise  cus¬ 
tomers  to  exchange  routing  information 
between  interconnected  autonomous  sys¬ 
tems,  is  a  troubleshooting  challenge 
because  it  is  the  most  “chatty”  of  routing 
protocols,  according  to  Packet  Design.  A 
minor  connectivity  change  can  produce 
millions  of  update  messages,  the  firm  says. 

“The  real  problem  is  that  what  it  takes  to 
sort  through  all  of  these  events  and  figure 


automatically  take  action  when  a  DoS 
attack  targets  a  customer’s  network,  but 
declined  to  say  when  such  technology 
would  become  available. 


out  what  the  root  cause  is  typically 
requires  a  very  well-trained,  very  experi¬ 
enced  engineer^’  says  Johna  Till  Johnson, 
president  and  chief  research  officer  of 
Nemertes  Research,  and  a  Network  World 
columnist.  “One  of  my  engineers  told  me  a 
couple  of  years  ago,  ‘There  are  just  too 
many  routers,  and  they  all  have  too  many 
opinions’” 

Packet  Design  developed  a  statistical 
algorithm  that  extracts  the  structure  of  BGP 
event  streams  to  determine  their  root 
cause.  The  company  created  visualization 
techniques  to  display  and  interpret  that 
structure. 

The  algorithm  examines  BGP  events  in 
real  time  and  identifies  the  single  or  multi¬ 
ple  sources  that  trigger  them,  even  if  those 
events  are  several  hops  away  from  the 
user’s  network.  It  provides  a  real-time  topo¬ 
logical  view  of  the  network  to  analyze  the 
“tree  structure”  of  BGP  events,  which  helps 


AT&T  last  month  announced  such  an 
offering  in  its  Internet  Protect  service, 
which  provides  proactive  protection  for 
users  when  under  a  DoS  attack.  ■ 


isolate  individual  sets  of  events  resulting 
from  a  common  source. 

This  technique  has  the  potential  to  nar¬ 
row  down  thousands  of  events  to  one 
Syslog  message,  Packet  Design  says. 

The  technology  will  be  incorporated  in 
Packet  Design’s  Route  Explorer  network 
management  appliance  later  this  year. 
Route  Explorer  provides  routing  path  visi¬ 
bility  and  analysis  of  BGP  Open  Shortest 
Path  First,  Intermediate  System-to-Inter- 
mediate  System  and  Enhanced  Interior 
Gateway  Routing  Protocol  networks. 

The  BGP  root-cause  analysis  technology 
will  be  demonstrated  at  NetWorld+Interop 
Las  Vegas,  to  be  held  May  11-13.  Packet 
Design  says  it  has  at  least  one  customer  for 
the  technology,  but  declined  to  identify  it. 

Packet  Design  Inc.  is  a  spinoff  of  Packet 
Design  LLC,  a  company  formed  in  May 
2000  by  serial  entrepreneurs  Judy  Estrin 
and  Bill  Carrico.  ■ 
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Convergence:  Not  hip,  still  happening 


Definitions  are  fun.  Melanie  Turek,  a 
specialist  in  collaboration  technolo¬ 
gies,  likes  to  remind  folks  that  one  of 
Webster’s  dictionary  meanings  of  collabo¬ 
ration  is,  “to  cooperate  with  the  enem/ 


(Open  sourcers  say  that’s  only  if  you’re 
using  Microsoft  products.) 

So  what  do  you  call  the  quiet  but  very 
real  shift  that’s  underway  as  companies 
integrate  mobile  technologies,  voice,  data, 


Ready  to  take 
traffic  management 
to  the  next  level? 


Current  methods  of  managing  traffic  by 
establishing  and  constantly  tweaking 
policies  are  labor-intensive  and  inefficient. 


Take  traffic  management  to  the  next  level  by  deploying  application  acceleration 
and  bandwidth  efficiency  tools  that  reduce  WAN  costs  and  improve  response 
times.  Expand  Networks  offers  a  complete  framework  for  easily — and 
automatically— improving  the  performance  of  distributed  enterprise  applications. 

Accelerator'  appliances  allow  you  to  increase  average  network  capacity  and 
improve  application  response  times  by  100-400%,  stop  bandwidth  abuse 
and  align  network  resources  with  business  priorities.  Learn  how  to  gain  an 
accelerated  ROI  in  3-9  months,  and  find  out  why  more  than  1,000  customers 
have  already  deployed  more  than  20,000  Accelerators  in  over  70  countries. 

Reap  the  rewards  of  automated  application  traffic  management  today. 

Try  our  demo  at  www.expand.com/demo 
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Accelerator  and  Expand  Networks  are  trademarks  of  Expand  Networks.  Inc. 


video  and  collaboration  tools?  The  best 
term  I’ve  got  is  yesterday’s  oh-so-tired  buzz¬ 
word, ^ “convergence.” The  dictionary  defini¬ 
tion  for  convergence  is  “to  come  together 
or  unite,”  based  on  the  Latin  terms  “con,” 
meaning  “with,”  and  “vergere,”  meaning  “to 
bend  or  incline.” It’s  still  an  outstanding  way 
to  describe  the  “coming  together”  of  voice, 
data,  video,  wireless  and  collaboration  on 
enterprise  networks  today 
Is  convergence  really  happening?  By  all 
indications,  yes.  For  example,  45%  of  IT 
executives  I’ve  spoken  with  recently  say 
they  plan  to  transport  voice  over  their  Wi-Fi 
LANs,  with  another  29%  saying  they’ll  con¬ 
sider  it.  In  a  recent  benchmark,  nearly  90% 
of  IT  executives  told  us  they’re  using,  assess¬ 
ing  or  planning  to  use  VoIP  I’m  seeing  a 
huge  level  of  interest  in  what  you  could  call 
an  “integrated  communications  device”  — 
a  single  IP  phone  that  replaces  the  desktop 
phone  and  the  cell  phone, and  works  seam¬ 
lessly  between  802.11  WLANs  and  WAN 
wireless  services.  Motorola  and  several  part¬ 
ners  are  successfully  demonstrating  a  prod¬ 
uct  that  hands  off  communications  be¬ 
tween  802.1  lx  and  cellular  technologies, 
such  as  3G  and  Code  Division  Multiple  Ac¬ 
cess.  Finally  when  it  comes  to  building  in 
collaboration  technologies,  today’s  current 
crop  of  cellular  data  phones  include  instant 
messaging  capabilities.  Avaya,  Nortel, Shore 
line,  Siemens  are  building  integrated  col¬ 
laboration  tools  into  their  IP  phones. 

A  lot  of  this  seems  like  old  news.  In  a 
sense,  it  is.  Cellular  data  phones,  Wi-Fi,  col¬ 
laboration  and  VoIP  have  been  around  for 
several  years.  But  here’s  what  has  changed: 

•  Infrastructure.  The  ability  to  converge 
voice,  data  and  often  video  onto  one  net¬ 
work  is  driving  interest  in  Multi-protocol 
Label  Switching  (MPLS)-based  WAN  ser¬ 
vices.  Many  IT  executives  have  told  us 
they’re  moving  to,  or  considering,  MPLS- 
based  services  for  precisely  this  reason.  As 
true  convergence  picks  up  steam,  MPLS 
and  other  quality  of  service-enabled  net¬ 
works  will  become  increasingly  popular. 

•  Endstations.  Here’s  a  sobering  thought: 
87%  of  employees  work  in  remote  offices. 
Today’s  communiccttions  paradigm 
assumes  that  a  remote  device  is  a  laptop. 
But  what  if  it’s  not?  Increasingly,  the  combi¬ 
nation  of  mobile  connectivity  and  light¬ 
weight  Web-enabled  applications  makes  it 
feasible  for  remote  and  traveling  users  to 
rely  on  a  palmtop  or  PDA  as  their  primary 
computing  device. 

•  Presence.  One  of  the  corollaries  of  con¬ 
vergence  is  the  emergence  of  multiple 
communications  channels.  Today,  you 
receive  instant  messages  (IM), e-mail, voice 
or  video  calls.  With  presence, you’ll  be  able 
to  forward  incoming  “calls”  to  IM,  e-mail  or 
voice  mail  as  appropriate. 

The  bottom  line  is  stay  tuned.  Conver¬ 
gence  might  not  be  hip, but  it  is  happening. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


Reading  someone  else’s  copy  of 

NetworkWorld 


NetworkWorld 

JS.'  "f  Big  bang*  to  jolt 
Microsoft  users 


Apply  for  your  own  FKJEE 
subscription  today 

subscribenw.com/b03 


FREE  subscription 
(51  Issues) 

Apply  online  at: 

subscribenw.com/b03 


subsGribenw.com/b03 

Apply  for  your 

FREE 

Network  World 
subscription  today! 


www.nwfusion.com 


5/3/04 


NetworkWorid 


IPoS  expands  reach  of  satellite  apps 


■  BY  JOHN  KENYON 

Until  recently,  satellite  services  were 
based  on  proprietary  systems  —  a  com¬ 
petitive  advantage  for  providers,  but  one 
that  made  it  difficult  to  create  and  optimize 
applications  and  value-added  services  for 
the  satellite  industry  Developers  had  to  ere 
ate  customized  applications  for  each  satel¬ 
lite  provider. 

Satellites  are  used  by  thousands  of  cor¬ 
porations,  including  those  that  have  several 
dispersed  locations  or  lack  of  access  to 
traditional  wired  broadband  services.  In 
response,  the  industry  had  to  find  a  way  to 
improve  applications  development  and 
drive  innovation  to  make  network  services 
such  as  VoIP  VPNs  or  streaming  video  avail¬ 
able  on  the  majority  of  satellite  networks. 

IP  over  Satellite  (IFbS),  which  the  Tele¬ 
communications  Industry  Association  rati¬ 
fied  as  TIA-1008  in  November  2003,  is  the 
only  industry  standard  optimized  for  deliv¬ 
ering  IP  broadband  services  over  two-way 
satellite  channels.  Already  implemented  in 
more  than  300,000  deployed  satellite  ter¬ 
minals  (which  represents  about  70%  of  the 
installed  market),  IFbS  will  provide  a  cata¬ 
lyst  for  dramatic  growth  in  the  satellite 


Got  great  ideas;1 


■  Network  World  \s  looking  for  great 
ideas  for  future  Tech  Updates.  If  you 
want  to  contribute  a  primer  on  a  spe¬ 
cific  technology,  standard  or  protocol, 
contact  Amy  Schurr,  senior  managing 
editor,  features  (aschurr@nww.com). 


■  HOW  IT  WORKS 


IPoS 

IP  over  Satellite  specifies  techniques  for  transporting 
IP  packets  between  a  central  hub  terminal  and  remote 
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O  A  user  requests  a  Web  page  from  a  host  computer. 

©  The  satellite  terminal  (IDU)  translates  the 
independent  IP  data  routing  to  satellite  network- 
specific  data  routing  before  passing  the  data  to 
the  satellite  modem  (0DU)  for  radio  frequency 
transmission;  upon  return,  the  reverse  translation 
occurs. 

©  Satellite  receives  RF  signal,  amplifies  it  and  sends 
to  the  hub  via  IPoS. 


©  Hub  receives  Web  page  request  and  forwards  it 
on  behalf  of  user  to  server. 

©  The  server  sends  the  requested  Web  page  back 
to  the  hub. 

©  Satellite  receives  signal,  amplifies  it  and  forwards 
it  to  the  outdoor  unit  via  DVB-S. 

O  Indoor  unit  receives  Web  page  and  forwards  it  to 
the  user’s  browser. 


industry  by  delivering  always-on  IP  ser¬ 
vices  —  such  as  email,  streaming  video, 
Web  browsing  and  IP  telephony 
IFbS  specifies  techniques  for  transporting 
IP  packets  between  a  central  hub  terminal 
(the  terminal  residing  at  a  service  provider 
network  operations  center  that  interfaces 
with  the  satellite  and  the  Internet  or  WAN) 
and  remote  terminals  (the  terminal  resid¬ 
ing  with  the  end  user),  using  standard  geo¬ 
synchronous  satellites.  Geosynchronous 
satellites  circle  Earth  once  per  day  match¬ 
ing  Earth’s  rotation  on  its  axis,  so  that  a 
remote  terminal  on  Earth  can  point  at  the 


satellite  at  one  spot  in  the  sky  and  not  have 
to  track  its  motion. 

When  an  end  user  with  a  remote  termi¬ 
nal  sends  a  request  for  a  Web  page,  IFbS  is 
employed  in  the  inroute  —  from  the 
remote  terminal  to  the  satellite.  An  IFbS- 
compatible  radio  takes  the  IP  packet 
request,  converts  it  to  radio  frequency  and 
transmits  the  data  to  the  satellite. 

Between  the  end  user  and  the  satellite, 
IFbS  establishes  a  Satellite  Independent 
Service  Access  Point  (SI-SAP),  a  well- 
defined  interface  between  satellite-depen¬ 
dent  functions  and  application  layers, 


enabling  an  open  service  delivery  plat¬ 
form.  The  ability  to  interface  with  the 
SI-SAP  makes  IFbS  easily  scalable. 

For  application  developers,  and  users  of 
the  applications,  IFbS’  transport  architec¬ 
ture  is  hidden  under  the  SI-SAP  and  IPv4. 
This  lets  companies  implement  applica¬ 
tions  that  are  not  affected  by  improve¬ 
ments  and  changes  in  the  underlying  trans¬ 
port.  Applications  and  value-added  ser¬ 
vices  running  over  IFbS  operate  at  the  IP 
level, simplifying  upgrades  and  portability 

When  a  request  reaches  a  satellite,  IFbS 
maximizes  capacity  on  the  transponder 
(a  circuit  on  the  satellite  that  receives, 
modulates,  amplifies  and  retransmits  an 
uplinked  signal)  by  operating  on  the 
same  transmission  principle  as  the 
Ethernet.  If  two  users  send  requests  at  the 
same  time,  they  back  up  and  resend,  free¬ 
ing  up  capacity,  maximizing  bandwidth 
and  creating  a  more  cost-effective  solu- 
tion.Then  the  satellite  transmits  the  ampli¬ 
fied  but  unmodified  signal  down  to  the 
IPoS  hub. 

In  the  outroute  direction  —  from  the 
hub,  through  the  satellite,  to  the  satellite 
remote  terminal  —  IPoS  follows  the 
DVB-S  standard  wherein  all  traffic  to  all 
remote  terminals  is  time-mulitiplexed 
onto  one  broadband  carrier. 

Widespread  adoption  of  IFbS  by  applica¬ 
tion  developers  and  manufacturers  will  let 
a  broader  market  of  competing  satellite 
services  give  companies  a  greater  choice 
of  broadband  solutions. 

Ultimately,  IFbS  will  open  the  doors  to  a 
much  larger  world  of  satellite  services. 

Kenyon  is  senior  vice  president  of 
Hughes  Network  Systems.  He  can  be 
reached  at  jkenyon@hns.corn. 


Dr.  Internet 


By  Steve  Blass 


Our  production  Internet  Information  Server  failed 
to  boot  after  we  installed  the  MS04-011  patch,  so 
we  restored  the  system  to  its  previous  state  and  it 
runs  again.  But  now  we're  worried  about  the  latest 
IIS  exploits.  Are  there  workarounds  we  can  use  to 
secure  the  system  while  we  further  test  the  patch 
installation  on  our  development  server? 

Go  to  the  Microsoft  TechNet  Web  site  (www.nw 
fusion.com,  DocFinder:  1836).  Currently  the  most 


widely  known  exploit  attacks  the  Private  Com¬ 
munication  Transport  protocol  developed  by 
Microsoft  and  Visa,  and  since  replaced  by  Secure 
Sockets  Layer  Version  3.  You  can  protect  your 
server  from  the  IIS  PCT  exploit  by  disabling  PCT 
in  the  registry  (described  in  Microsoft  Knowledge 
Base  Article  187498).  Ten  of  the  other  13  problems 
the  MS04-011  patch  tries  to  fix  have  workarounds 
listed,  ranging  from  using  a  firewall  to  block  se¬ 
lected  ports,  to  un-registering  the  HCP  protocol 


by  deleting  the  HCP  key  from  the  registry.  Remain¬ 
ing  issues  (holes  in  the  ASN.1  library,  the  local 
descriptor  table  and  a  buffer  overrun  in  winlogon) 
lack  workarounds  and  leave  systems  exposed  to 
compromise,  so  working.out  the  installation  details 
and  getting  that  patch  installed  is  still  critical. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.internei@ 
changeatwork.  com. 
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a  bite  out  of  our  spam  problem 
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Two  things  have  become  clear  about 
anti-spam  products:  First,  there  is  no 
“best”  solution.  There  are  some  types 
of  anti-spam  solutions  that  will  fit  your  envi¬ 
ronment  better  than  others.Which  solution 
will  work  for  you  depends  on  whether  you 
can  tolerate  false  positives  and  false  nega¬ 
tives,  how  intolerant  of  spam  your  users 
are,  how  smart  they  are,  how  odd  your 
requirements  are  (such  as  wanting  to  see 
certain  types  of  spam),  how  much  techni¬ 
cal  support  you  have  and  so  on. 

The  second  thing  is  that  cost  really  isn’t 
an  issue.  Anti-spam  solutions  that  will 
remove  at  least  80%  of  unwanted  messages 
can  be  implemented  for  less  than  $12  per 
user,  per  year  (compare  that  with  a  typical 
productivity  loss  per  user  of  about  $340  per 
year  in  an  unfiltered  environment). 

What  is  important  is  how  anti-spam  ser¬ 
vices  will  integrate  with  messaging  environ¬ 
ments.  One  promising  direction  for  compa¬ 
nies  that  want  a  straightforward,  centralized 
enterprisewide  anti-spam  solution  is  appli- 


Technology  Update _ 

Barracuda  takes 

ance-type  products  —  turnkey  devices  that 
front-end  e-mail  services. 

We  have  been  using  such  a  device  for  a 
couple  of  months  and  have  been 
impressed  with  the  results.  The  product  is 
the  Barracuda  Spam  Firewall  200  from 
Barracuda  Networks  (www.nwfusion.com, 
DocFinder:  1839). The  Spam  Firewall  hard¬ 
ware  is  based  on  1U  rack-mount  servers 
running  a  customized  version  of  Linux. 

Barracuda’s  filtering  services  use  multiple 
techniques  to  identify  and  remove  spam. 
First  comes  blacklisting  of  computers  and 
domains  that  belong  to  known  spammers 
(the  list  is  updated  automatically).  Next  up 
are  keyword  scanning;  checksumming  to 
identify  repeated  messages;  message 
authenticity  checking  (source  address  veri¬ 
fication  and  Simple  Mail  Transfer  Protocol 
[SMTP]  conformance);  local  blacklists  and 
whitelists;  rate  controls  to  stop  bulk  messag¬ 
ing,  denial-of-service  e-mail  attacks  and  dic¬ 
tionary-based  spam  attacks;  and  file-type 
attachment  blocking.  The  Spam  Firewall 
also  provides  built-in  anti-virus  services. 

Many  of  these  filtering  techniques  can  be 
configured  on  a  per-user  basis.  For  exam¬ 
ple,  scanning  can  be  used  to  “score”  e-mail, 
with  messages  scoring  above  a  system  or 
user-defined  threshold  flagged  as  spam  or 
optionally  quarantined. 


Barracuda  offers  four  models,  ranging 
from  entry-level  (the  200)  that  the  com¬ 
pany  says  handles  1,000  active  e-mail  users 
and  1  million  e-mail  messages  per  day  to  a 
high-end  model  (the  600)  suitable  for 
25,000  active  e-mail  users  and  25  million 
email  messages  per  day  Note  that  there  is 
no  actual  set  limit  to  the  number  of  users 
that  a  particular  model  can  handle;  the 
maximum  messagehandling  rate  required 
by  a  given  environment  is  the  constraint. 

Configuration  and  management  of  the 
Barracuda  Spam  Firewall  is  simple.  (Note 
that  Barracuda  uses  a  neat  technique  that 
avoids  using  Secure  Sockets  Layer  for 
administrative  logon  but  never  sends  pass¬ 
words  in  plain  text.  For  details  see  my 
Network  World  Web  Applications  newslet¬ 
ter,  “CHAP  logon  cheaper  than  SSL,” 
DocFinder:  1840.) 

Integration  with  existing  messaging  ser¬ 
vices  was  easy:  We  reconfigured  our 
router  to  send  incoming  SMTP  to  the  Bar¬ 
racuda  and  configured  the  Barracuda  to 
forward  messages  to  our  SMTP  server.  To 
our  users  the  service  was  completely 
transparent  with  the  exception  that  spam 
almost  disappeared. 

To  assist  the  Spam  Firewall  in  characteriz¬ 
ing  spam,  Barracuda  provides  a  Microsoft 
Outlook  plug-in  so  you  can  send  selected 


messages  back  to  the  Spam  Firewall  as 
spam  or  not  spam  as  appropriate,  and  the 
messages  are  added  to  the  Bayesian  filters 
data  set. 

The  Barracuda  Spam  Firewall  200  costs 
$1,200;  the  300  $1,900;  the  400  $4,000;  and 
the  600  is  priced  on  application. The  black¬ 
list  and  anti-virus  service  updates  cost  $300 
annually  If  you  use  the  300,  the  cost  is 
roughly  $2  per  user,  per  year,  for  the  first 
year.  That  doesn’t  include  configuration 
and  management  costs,  but  that  still  won't 
be  anywhere  near  $340  per  user,  per  year! 

The  charge  that  is  always  leveled  at  appli¬ 
ance  solutions  is,  what  if  the  appliance 
fails?  Barracuda’s  answer  is  a  24-hour 
replacement  service  for  another  $299  per 
year.  For  small  organizations  this  is  quite 
workable,  although  given  the  device’s  low 
cost  we  think  it  would  just  be  easier  to  buy 
a  second  unit,  as  all  but  the  least-expensive 
model,  the  200, support  clustering. 

Currently  we  receive,  on  average,  4,300 
messages  per  day  with  about  96%  spam.  We 
have  found  that  the  Barracuda  Spam 
Firewall  system  works  extremely  well, such 
that  we  will  regret  sending  it  back.  We  may 
well  get  very  difficult  about  it. 

No  regrets  or  spam  to  gearhead@ 
gibbs.com. 


Cool 


Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


Samsung  launches  multi¬ 
purpose  monitor 

Monitors  aren’t  just  for  dis¬ 
playing  the  contents  of  your  PC 
anymore.  This  was  evident  in 
last  week’s  announcement  by 
Samsung  for  its  widescreen  17- 
inch  SyncMaster  173mw.  It  acts 
as  an  LCD  television  (HDTV- 
ready),  video  display  for  con¬ 
necting  devices  such  as  DVD  players,  digi¬ 
tal  projectors,  camcorders  and  security 
cameras,  or  as  a  regular  computer  moni¬ 
tor.  The  173mw  includes  an  integrated  TV 
tuner,  which  lets  users  plug  a  TV  antenna  or  cable  signal 
directly  into  the  device.  The  monitor  also  has  built-in 
speakers. 

The  173mw  supports  composite,  component  and 
S-video  outputs,  offers  a  16:10  wide-format  aspect  ratio, 
supports  resolution  up  to  1,280  by  768  pixels,  and  has  450 
nits  of  brightness  and  a  500:1  contrast  ratio.  The  16:10 
widescreen  ratio  lets  users  display  widescreen  DVD 
movies  better  than  the  typical  4:3  aspect  ratio  seen  on 
regular  monitors, Samsung  says.  Also  supported  is  picture- 
in-picture,  which  lets  computer  users  watch  TV  and  work 
on  the  computer  at  the  same  time. 

Samsung  says  the  monitor  will  ship  by  the  end  of  the 


Samsung's  SyncMaster  173mw 
includes  a  built-in  TV  tuner  and 
is  HDTV-ready. 


month  and  will  cost  about  $820. 

Sprint  launches  $150  video  phone 

Sprint  continues  its  video  phone  (aka 
camcorder  phone)  onslaught.  Last  week 
Samsung  and  Sprint  announced  the  VM- 
A680,  a  $150  (after  re¬ 
bates)  model  that  lets 
users  take  15-second 
video  clips  with  a 
cell  phone.  Earlier 
this  year  Sprint 
launched  some 
high-end  models 
that  can  also  take 
video  clips. 

The  A680  in¬ 
cludes  camcorder¬ 
like  features  such 
as  audio  and  bright¬ 
ness  controls;  zoom 
capabilities;and  the  abil¬ 
ity  to  personalize  videos. 

Clips  can  be  sent  over  Sprint’s  PCS  net¬ 
work  to  an  e-mail  address  or  another 

video  phone. 

Other  features  of  the  clamshell-style  phone  include  a 
built-in  VGA  camera  (640-by-480-pixel  resolu¬ 
tion),  a  1.8-inch  color  display,  Short 
Message  Service  text  mes¬ 
saging,  voice-acti 
vated  dialing  and 
status  features,  a 
personal  organ¬ 
izer  and  an  “air¬ 
plane  mode,” 
which  lets  a  user 
turn  off  the  phone  part 


Sprint's  VM-A680  video  phone  lets 
users  record  15-second  video  clips. 


but  still  use  applications  on  it.  The 
standard  battery  offers  up  to  3.2 
hours  of  talk  time  and  up  to  nine  days 
of  standby  time  (longer  times  for  the 
extended  battery). 

Remember  the  floppy! 

Iomega  last  week  launched  a  device 
that  reads  not  only  the  new-fangled 
memory  card  formats  such  as  Secure 
Digital  and  MuItiMedia  Card  (MMC),but 
also  reads  those  old  3.5-inch  floppy 
disks. 

The  Iomega  Floppy  Plus  7-in-l  Card 
Reader  weighs  about  12  ounces,  and  con¬ 
nects  to  a  PC  via  a  USB  port.  The  device  sup¬ 
ports  read  and  write  capabilities  for  seven 
memory  card  formats,  including  floppy  disks 
(1.44M  byte),  Compact  Flash  (type  I  and  II), 
SmartMedia,  Microdrive,  MMC,  Secure  Digital  and  Sony 
Memory  Stick  (and  Memory  Stick  Pro). 

The  device  supports  PCs  with  Windows  98  and  higher, 
and  Macintosh  systems  with  Mac  OS  X  or  higher  with 
built-in  USB  ports.  The  device  costs  $60.  Go  to  the 
Iomega  Web  site  for  more  details. 


Shaw  can  be  reached  at 
kshaw  @nww.  com. 


You  can  read  your  old  floppies  (and  six 
other  memory  card  formats)  with 
Iomega's  Floppy  Plus  7-in-1  Card  Reader. 
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www.executive.com/nwsk32 
or  call  1-800-829-6468  Ext.:  4276 


No  steep  learning  curve.  No  special  training.  No  wonder  so  many  system  administrators 
are  raving  about  new  Sitekeeper  3.1!  Sitekeeper  is  the  affordable  way  to  track  down  and 
deploy  missing  patches,  deploy  software  and  updates,  track  license  compliance,  and 
perform  hardware  and  software  inventories — all  within  minutes  of  installation.  You'll  be 
amazed  at  the  time  you  save.  Imagine  never  having  to  perform  manual  machine-by¬ 
machine  updates  and  inventories  again! 


Sitekeeper  doesn't  require  dedicated  servers  or  expensive  databases,  so  it  easily  fits  in 
your  budget.  Sitekeeper  runs  on  any  NT/2K/XP  machine  and  manages  clients  running  any 
version  of  Windows,  from  95  to  Server  2003.  Install  Sitekeeper  and  start  managing  right 
away.  Cut  out  complexity  and  increase  productivity  with  NEW  Sitekeeper  3.1 ! 
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Up  with  capacity.  Down  with  complexity.  HP  StorageWorks 
Enterprise  Virtual  Array  combines  disk-array  storage  with 
the  ability  to  pool  resources,  making  it  easy  to  oversee  and 
control  vast  amounts  of  information.  Virtualization  ensures 
capacity  is  dynamically  expanded,  giving  you  the  most 
efficient  use  of  space  without  disrupting  service. 

Now  information  has  room  to  breathe,  and 
your  business  has  room  to  change. 
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ON  TECHNOLOGY 

John  Dix 


Broadband 
in  spotlight 


if  was  refreshing  to  hear  President  Bush  last  week 
emphasize  the  need  to  speed  the  deployment  of 
broadband  access,  and  his  methods  seem  sensible 
and  on  target. 

As  part  of  his  speech  to  the  American  Association  of 
Community  Colleges  last  week  in  Minneapolis,  Bush  said 
broadband  was  central  to  transforming  our  economy  by 
facilitating  the  flow  of  information  and  knowledge,  and 
reiterated  his  desire  to  see  broadband  reach  “every  cor¬ 
ner  of  our  country  by  2007.” 

Noting  that  the  U.S.  ranks  10th  among  industrialized 
countries  in  broadband  availability  Bush  proposed  ways 
to  turn  the  tide.  He  said  the  government  should  clear  reg¬ 
ulatory  hurdles,  increase  access  to  federal  land  for  fiber 
runs  and  transmission  towers,  open  up  federally  con¬ 
trolled  wireless  spectrum,  and  ban  taxes  on  access. 

Regarding  the  latter,  the  Senate  on  the  same  day  started 
to  debate  whether  to  renew  a  ban  on  Internet  access 
taxes,  with  some  senators  arguing  that,  as  telephone  traf¬ 
fic  moves  to  the  Internet,  traditional  telephony  taxes 
should  apply 

We  side  with  the  president  on  this.  Adding  taxes  would 
slow  deployment  and  adoption.  As  Rick  White,  CEO  of 
theTechNet  lobbying  group,  says, “We  don’t  want  a  sys¬ 
tem  like  we  have  with  the  telecom  network,  where  the 
government  taxes  a  bunch  of  things  and  then  has  lots  of 
control  over  how  the  network  is  operated. That’s  not 
going  to  work  very  well  on  a  high-tech  net  that  needs  to 
evolve  as  the  tech  evolves." 

But  perhaps  the  two  most-important  things  that  came 
out  of  the  president’s  speech  were  1)  his  clarifying  that 
broadband  is  a  national  concern,  and  2)  a  key  thing  the 
government  can  do  is,  in  the  president’s  words, “clear  out 
the  underbrush  of  regulation.” 

Because  telephony  incumbents  view  the  Internet  as  a 
threat,  there  are  some  that  would  like  to  see  the  Internet 
saddled  with  the  same  regulatory  mantle. That  would  be 
a  huge  step  backward. 

As  White  says:“What  we  should  be  doing  is  using  this 
new  technology  to  help  us  out  of  that  swamp.  Instead  of 
saying  'VoIP  competes  with  you  so  it  should  get  all  the 
same  regulations  you  have,’  we  should  say, ‘Once  VoIP  is  a 
significant  part  of  your  market,  instead  of  making  it  sub¬ 
ject  to  all  the  old  regulations,  we’ll  deregulate  you  so  you 
can  play  by  the  new  rules.’” 

There  is  much  work  left  to  be  done,  but  elevating  the 
broadband  discussion  and  promising  to  simplify  regula¬ 
tion  can  only  help. 

—  John  Dix 
Editor  in  chief 
jdix@nww.com 


Offshoring  opinions 

Regarding  Mark  Gibbs’  Backspin  column  “Off¬ 
shoring  for  the  right  reasons”  (www.nwfusion. 
com,  DocFinder:  1828):  Marc  Andreessen’s  inter¬ 
view  in  The  Atlanta  Journal-Constitution  was  not 
about  the  corporate  benefits  or  pitfalls  of  out¬ 
sourcing,  but  its  effect  on  the  American  economy 
and  job  market.  Andreessen’s  point  was  that  as 
an  American  consumer,  he  also  would  reap  the 
potential  benefits  of  outsourcing  by  getting 
lower  prices  for  goods  and  services. Thus,  there  is 
a  net  benefit  to  the  American  economy,  even 
though  in  the  short  term  jobs  are  lost. 

Andreessen’s  example  was  obviously  not  that 
great,  but  that’s  beside  the  point.  1  think  a  discus¬ 
sion  about  whether  there  is  a  net  benefit,  and 
how  we  help  those  whose  jobs  are  displaced, 
would  be  more  beneficial  than  dissecting  why 
you  really  don’t  want  to  hire  an  Indian  tax 
accountant. 

A  separate  but  also  relevant  discussion  would 
be  about  what  the  true  costs  and  benefits  of  out¬ 
sourcing  are  for  an  American  company  Gibbs 
seems  to  combine  these  points  in  his  final  state¬ 
ment,  that  outsourcing  is  neither  a  threat  to  the 
U.S.  economy  nor  a  simple  way  for  companies  to 
cut  costs. 

Stephen  Lang 
Director  of  business  development 

Danergy 
Camarillo,  Calif. 

Mark  Gibbs  says  Dell’s  Indian  technical  support 
representatives  are  “hard  to  understand”  and 
received  “training  in  problem-solving  [that] 
apparently  involves  laboriously  and  mechanic¬ 
ally  tracing  a  fault  tree  to  its  bitter  end  . . .” 

E-mail  letters  to  jdix@nww.  com  or  send  them  to  John  Dix,  editor  in 
chief.  Network  World,  1 18  Turnpike  Road,  Southborough,  MA  01 772. 
Please  include  phone  number  and  address  for  verification. 


My  experiences  with  Dell  customer  support 
from  India  have  been  quite  the  opposite.  First,  I 
have  never  had  a  problem  understanding  or 
conversing  with  their  India-based  support  repre¬ 
sentatives  —  they  speak  clearly,  with  good  dic¬ 
tion  and  excellent  command  of  the  English  lan¬ 
guage,  and  they  could  understand  my  accent 
well. 

In  addition,  with  the  two  separate  problems 
they’ve  solved  for  me  (one  requiring  reinstalla¬ 
tion  of  the  video  driver  in  Windows  XRthe  other 
diagnosing  which  of  two  memory  modules  was 
failing  and  needing  to  be  replaced),  I  have 
found  Dell  support  representatives  to  be  adapt¬ 
able  to,  and  respectful  of,  my  skill  level  and  not 
asking  inane  questions  such  as,  “Did  you  power 
it  on?” 

I  recognize  that  others’  experiences  might  be 
different.  But  my  experience  with  offshore  sup¬ 
port  from  Dell  has  been  quite  acceptable. 

Colin  Strutt 
Principal 
Interisle  Consulting  Group 
Westford,  Mass. 

Limited  solution 

Regarding  Johna  Till  Johnson’s  column  “The 
solution  to  ‘offshoring’  problem:  Innovation” 
(DocFinder:  1829):  Innovation  is  a  terribly  lim¬ 
ited  solution  for  addressing  the  current  out¬ 
sourcing  wave’s  effects.  The  column  should  at 
least  have  also  mentioned  the  unlevel  playing 
field  in  which  the  U.S.  now  competes.  Even  if  it’s 
true  that  investing  in  research  and  development 
is  the  best  way  to  ensure  a  steady  job  supply,  on 
the  playing  field  we  have  now,  it’s  unlikely  that 
Americans  will  be  the  primary  recipients  of 
its  fruits. 

Rodger  Silvers 
San  Francisco 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder:  1822 
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JOB  STRATEGIES 

Gian  Zoppo 

Keeping  IT  in  the  strategic  mix 

S  ■  ow  can  you  ensure  that  IT  stays  in  your  company's  strategic 
■4  mix?  Build  a  technology  team  that  enables  business  goals,  by 
§  1  partnering  with  business  units  to  increase  revenue  and  profit. 
To  keep  IT  as  a  strategic  part  of  your  business, you  and  your  staff  will 
have  to  start  thinking,  talking  and  acting  like  business  staff. Why?  Your 
career  could  depend  on  it. 

Many  companies  already  outsource  large  portions  of  IT,  including 
help  desks,  data  centers  and  infrastructure.  Even  application  devel¬ 
opment,  once  thought  to  be  too  strategic  to  move,  is  going  out  of 
house.  This  outsourcing  is  only  possible  because  top  management 
thinks  IT  services  —  and  the  workers  who  provide  them  —  are  not 
central  to  revenue  generation  and  the  products  the  company  pro- 

itable?  How  do  they  deliver  value  to  the  clients?  What  would  they  like 
to  be  able  to  do  but  have  not  yet  figured  out  how?  Apply  your  expertise 
here.  Work  with  them  to  identify  new  approaches  that  will  help  deliver 
new  products  in  these  high-profit  areas.  In  doing  so,  you  will  demon¬ 
strate  the  value  that  IT  brings  to  the  future  creation  of  revenue  and  prof¬ 
its. 

So  how  does  this  specifically  translate  into  networking?  The  net¬ 
work  infrastructure  in  many  companies  is  more  important  to  busi¬ 
ness  operations  than  any  other  aspect  of  technology.  It  is  the  foun¬ 
dation  upon  which  critical  applications  run.  In  the  past,  delivering  a 
stable  and  robust  network  was  enough.  Now  the  network  is  more 
than  a  delivery  module;  it  is  as  much  a  part  of  the  application  as  the 

To  keep  IT  as  a 
strategic  part  of 
your  business . . . 
start  thinking, 
talking  and  act¬ 
ing  like  business 
staff. 

duces.  In  the  absence  of  strong  evidence  to  the  contrary,  it  is  only  a 
matter  of  time  before  all  of  IT  is  outsourced. 

So  how  can  IT  management  demonstrate  its  value  to  top  manage¬ 
ment?  By  building  business  equity  —  the  value  that  you  bring  to  the 
revenue  side  of  the  balance  sheet.  For  CEOs,  the  value  that  IT  brings 
to  a  company  is  not  the  technology  that  it  implements  and  supports, 
but  rather  the  technical  expertise  that  helps  the  company  achieve 
revenue  and  profit  goals.  CEOs  want  proactive  partnerships  with  IT 
that  produce  truly  creative  products.  Your  ability  to  deliver  on  this 
requirement  will  create  the  business  equity  that  will  keep  you  em¬ 
ployed  in  the  21st  century 

Taking  the  first  step  in  building  your  business  equity  requires  that  you 
learn  more  about  the  revenue  side  of  your  company.  Approach  the  busi¬ 
ness  units  and  ask  them  how  they  generate  revenue.Talk  to  them  about 
their  most  profitable  products  or  services.  What  makes  them  so  prof- 


code  that  makes  it  work. 

Understanding  how  to  deliver  application  performance,  interaction 
and  innovation  over  a  network  is  more  important  today  than  under¬ 
standing  how  to  build  and  deliver  the  network. The  business  equity 
is  in  understanding  how  to  deliver  the  high-value  business  products 
over  the  network. 

Transforming  a  team  of  engineers  into  enablers  of  business  goals  is 
not  easy,  but  your  future  depends  on  it.  By  partnering  with  upper  man¬ 
agement  to  increase  revenue  and  profits,  you  can  build  the  business 
equity  that  will  demonstrate  your  value  to  the  revenue  side  of  the  com¬ 
pany,  and  possibly  preserve  your  job. 

Zoppo  is  CEO  of  Straighthink,  a  technology  strategy  firm  in 
Westchester  County,  N.  Y.  He  can  be  reached  at  gian.zoppo@ 
straighthink.com. 


TELECOM  CATALYST 

Daniel  Briere 

Is  it  just  me,  or  have  telecom  services  gone 
to  hell  lately?  From  my  cell  phone  to  land¬ 
line  to  cable  modem  Internet  services,  it 
seems  that  things  are  breaking  more  —  not 
just  once,  but  repeatedly  I’ve  considered  all 
sorts  of  likely  causes  for  this  surge: 

•  The  lack  of  investment  in  the  past  few 
years  is  finally  taking  its  toll. 

•  Telcos  are  starting  to  upgrade  network  elements, but  are  using  fewer, 
less  well-trained  people, so  bugs  occur. 

•  In  an  effort  to  please  Wall  Street,  revenue-generating  functions  are 
rushed  into  production  before  staff  is  adequately  trained  for  support. 

•  Overworked  and  underpaid  personnel  have  just  started  to  care  less. 
•  Any  combination  of  the  above  (or  add  your  own  two  cents). 
Calling  for  service  is  like  playing  Russian  roulette  —  you’re  never  sure 
what  you’re  going  to  get.  Part  of  the  problem  with  telecom  is  the  grow¬ 
ing  sophistication  of  the  user  base.  Unfortunately, as  users  have  become 
more  knowledgeable,  the  telephone  and  cable  companies  haven’t  kept 
up.  It  costs  a  lot  of  money  to  meet  the  expectations  of  a  smart  user  base, 
and  telcos  are  still  under  the  gun  to  control  or  even  cut  costs. 

Recently  I  tried  to  order  DSL  from  Verizon  for  my  vacation  home  on 
an  island  off  the  coast  of  Maine.  My  neighbor  three  doors  down  could 
get  it, so  I  figured  that  anyone  on  the  island  could. 

“I’m  sorry  your  line  is  too  far  for  DSL  to  reach,”  the  customer  service 
representative  explained. 

“My  neighbor  three  doors  down  can  get  it,”  was  my  quick  reply  I  was 
immediately  bumped  up  to  a  supervisor. 

“You’re  at  18,100  feet  and  DSL  does  not  work  beyond  18,000  feet,”  the 
supervisor  said. 

Actually,!  corrected, the  signal  doesn’t  stop  working  at  18,000;  it  starts 
to  degrade  and  can’t  support  the  same  speed  or  bandwidth  that  it  does 
at  18,000  feet,  but  100  extra  feet  won’t  make  much  difference. 
Silence.Then,“OK,well,I  can’t  put  you  in  my  system  if  you  are  beyond 


The  Rodney  Dangerfields 


18,000  feet.” 

More  users  are  calling  customer  service  to  request  best-practices 
support  (“What  do  you  mean  you  don’t  have  a  list  to  notify  cus¬ 
tomers  of  outages?),  inquire  when  services  are  going  to  be  available 
in  their  area  (“My  friend  with  SBC  in  California  has  the  service  where 
you  can  combine  local,  long-distance  and  DSL  onto  one  bill.  Can  I 
get  that,  too?”),  and  get  real  technical  support  (“Do  I  have  to  put  my 
wireless  access  point  into  bridge  mode  if  I  already  have  a  router  on 
my  network?”). 

Even  when  the  service  providers  try  to  throw  some  technology  at  the 
solution  by  adding  online  interfaces  to  their  customer  care  areas  so 
they  can  provide  a  measured  response,  they  still  blow  it.  According  to 
the  Customer  Respect  Group’s  recent  study  of  how  telecom  service 
provider  and  network  gear  manufacturers  treat  their  online  customers 
(see  www.nwfusion.com,  DocFinder:  1827),  there’s  a  lot  of  work  to  be 
done.  In  their  tests,  23%  of  the  telecom  companies  evaluated  did  not 
respond  to  any  online  inquiries.  Sixty-two  percent  of  companies  use 
Autoresponder  technology  for  all  inquiries,  yet  21%  of  those  failed  to 
follow  up  on  any  of  their  Autoresponses  with  a  genuine  answer  to  the 
inquiry 

Telcos  need  to  respect  their  user  base  more  and  start  taking  care  of 
their  information  needs.  However,  it’s  unlikely  budget-conscious  tele¬ 
phone  and  cable  companies  can  spend  the  money  required  to  bring 
their  customer  service  reps  up  to  the  level  of  smarter  users.  The  best 
way  to  provide  support  for  a  really  knowledgeable  clientele  is  not  to  try 
to  train  more  reps  to  be  smarter  than  the  people  calling  in,  but  rather  to 
provide  a  lot  more  tools  online  to  let  smart  users  figure  things  out  for 
themselves.  Users  don’t  want  to  call  their  telcos;  we’d  rather  just  fix  our 
problems  ourselves. Service  providers  should  at  least  have  the  courtesy 
to  give  us  the  tools  to  do  so. 

Briere  is  CEO  ofTeleChoice,  a  market  strategy  consultancy  for  the  tele¬ 
com  industry.  He  can  be  reached  at  telecomcatalyst@telechoice.com. 
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. . .  as  users 
have  become 
more  knowledge¬ 
able,  the  tele¬ 
phone  and  cable 
companies 
haven't  kept  up. 
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■  BY  SUSAN  BREIDENBACH 


PBX,  WLAN  and  handset 
makers 
c 

wireless  sol 


Turn  to  page  44  to  learn 
why  some  early  adopters 
are  talking  up  VoWi-Fi.  (t ' 


DAWUD  ANYABWILE 


Todays  nascent  voice-over-Wi-Fi  market  offers  mobility- 
hungry  companies  a  growing  array  of  pre-standard 
products,  often  backed  by  troika  partnerships  that  the 
handset,  wireless  LAN  infrastructure  and  PBX  players 
are  forming  to  piece  together  complete  solutions. 

Voice  over  Wi-Fi  (aka  VoWLAN)  refers  to  the  provisioning  of  IP  voice  services  across 
802.1 1-based  wireless  LANs.  Several  IEEE  802.1 1  working  groups  are  finishing  up  some 
key  enabling  standards,  such  as  802.1  les  Wireless  Multimedia  Extensions.  Meanwhile, 
todays  products  often  use  proprietary  technology 
It  is  voice  that  is  driving  WLAN  deployment,  and  a  lengthening  lineup  of  industry 
behemoths  and  innovative  start-ups  are  clamoring  for  customers.  While  InStat/MDR 
expects  theVoWi-Fi  installed  base  to  more  than  double  this  year,  from  75,000  to  170,000, 
it’s  clear  that  supply  still  outweighs  demand. 

Those  ready  to  buy  must  sort  through  the  value  propositions  that  various  vendor 
alliances  bring  to  the  table.  Or  they  can  turn  to  Cisco,  which  is  taking  on  all  the  VoWi-Fi 
players  with  a  single-vendor  approach. These  decisions  are  being  made  while  the  stan¬ 
dards  bodies  still  seek  common  ground  for  security  and  quality  of  service. 

“In  the  absence  of  complete  and  usable  standards,  that’s  where  you  get  partnerships,” 
says  Jonathan  Cohen,  director  of  product  line  management  for  Avaya’s  communications 


appliances  division. “We  have  to  do  special  things  to  the  handsets  and  have  special  rela¬ 
tionships  with  the  wireless  access  point  vendors  to  get  voice  to  work  over  something  that 
isn’t  optimized  for  real  time.”Avaya  partnered  with  heavyweights  Proxim  and  Spectral  .ink. 

Wireless  handset  pioneer  SpectraLink  is  the  most  sought-after  partner  in  the  VoWi-Fi 
industry.  PBX  vendors  want  to  offer  a  range  of  handset  options,  and  SpectraLink’s  prod¬ 
uct  line  includes  everything  from  small,  stripped-down  models  to  ruggedized  devices 
with  push-to-talk  capabilities.  Now  that  Symbol  Technologies  is  focused  on  voice¬ 
enabling  mobile  terminals,  the  choices  have  pretty  much  come  down  to  reselling 
SpectraLink’s  handsets  or  building  your  own. 

SpectraLink  recently  enhanced  its  802.11  offerings  with  a  docking  station  that 
includes  an  integrated  speakerphone  and  charging  cradle. The  vendor  boasts  anoth¬ 
er  asset  in  its  SpectraLink  Voice  Priority  protocol,  which  is  supported  by  established 
vendors  and  WLAN  start-ups  alike. 

Wireless  infrastructure  options 

In  choosing  a  WLAN  partner,  PBX  giants  Nortel  and  NEC  rejected  market  leader  Proxim 
in  favor  of  start-up  Airespace.  The  WLAN  switch  vendor  touts  real-time  performance 
(sub-50-millisec  handoffs), dynamic  radio  frequency  management, and  radio  frequency 
fingerprinting  that  enables  E91 1  support. 

NEC  was  the  first  to  recognize  the  potential  of  Airespace’s  technology,  inking  a  co¬ 
development  deal  “before  they  were  even  Airespace,”  says  Paul  Weismantel,  director  of 

See  VoWi-Fi,  page  43 
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VoWi-Fi  vendor  dance  card 

Stepping  up  to  voice  over  wireless  requires  an  IP  PBX,  WLAN  infrastructure  and  a  handset  or 
other  type  of  voice  client,  so  many  vendors  have  formed  partnerships  to  piece  together  complete 
systems.  This  chart  represents  a  sampling  of  what  each  vendor  brings  to  the  dance  and  some 
of  their  key  partners. 

PBX 

WLAN  infrastructure 

Handsets/clients 

Alcatel 

Airespace 

Motorola 

•  Open  PBX  platform. 

•  Dynamic  RF  spectrum  management. 

•  Expected  to  release  first  dual-mode  phone. 

•  Heritage  as  a  PC  and  PC 

•  RF  fingerprinting  for  E911  support. 

•  Extensive  relationships  with  wireless  carriers. 

LAN  vendor. 

•  Partners:  Alcatel,  NEC,  Nortel, 

•  Partners:  Avaya,  NEC,  Proxim. 

•  Partners:  Airespace, 

SpectraLink,  Vocera. 

SpectraLink. 

SpectraLink 

Avaya 

Aruba  Wireless  Networks 

•  Market  leader. 

•  Stateful  classification  of  traffic  types. 

•  Docking  station  with  speaker  phone  and 

•Voice  technology  pioneer. 

•  System-wide  call  management  control. 

charging  cradle. 

•  PBX  market  share. 

•  Partners:  SpectraLink, TeleSym,  Vocera. 

•  Relationships  with  wireless  carriers. 

•  Partners:  Proxim, 

•  Partners:  Alcatel,  Avaya,  Meru,  Nortel, 

Motorola,  SpectraLink. 

Meru  Networks 

•  Fine-grained  QoS  upstream  and 

Proxim. 

NEC 

downstream. 

TeleSym 

•  All-out,  top-down  effort 

•  Supports  many  more  calls  per  access  point 

•  Softphone  flexibility  with  enterprise  quality. 

•  Long-time  mobility 

•  Partners:  SpectraLink,  Vocera. 

•  Client-side  quality  management  addresses 

advocate. 

jitter,  delay,  packet  loss. 

•  Partners:  Airespace, 

Proxim 

•  Non-PBX  option. 

Motorola,  SpectraLink. 

•  Market  leader. 

•  Partners:  Airespace,  Aruba,  Avaya, 

Nortel 

♦  Subnet  roaming  with  interswitch  tunneling. 

Meru,  Nortel. 

•  Partners:  Avaya,  Motorola,  SpectraLink, 

•  PBX  market  share. 

Vocera. 

Vocera  Communications 

•  Mesh  wireless  solution  for 

•  Hands-free,  user-friendly. 

outdoors. 

Trapeze  Networks 

•  Measurable  impact  on  workflow  and 

•  Partners:  Airespace, 

•  Structured-wiring  architecture  for  air. 

productivity. 

SpectraLink. 

•Tools  ease  integration  and  maintenance. 

•  Sci-ti  glamour. 

•  Partners:  SpectraLink, TeleSym,  Vocera. 

•  Partners:  Aruba,  Meru,  Proxim. 

VoWi-Fi 

continued  from  page  41 

Enterprise  Solutions  for  NEC. The  relationship  extends  far 
beyond  a  simple  OEM  arrangement,  resulting  in  cus¬ 
tomized  product  enhancements  to  quality  of  service 
(QoS),  handset  battery  life,  security  and  fast  handoff. 
Other  Airespace  VoWi-Fi  partners  do  not  offer  these  exclu¬ 
sive  technologies. 

Airespace  caught  NEC’s  eye  because  it  “is  the  only  WLAN 
system  that  manages  the  RF  spectrum  dynamically,  moni¬ 
toring  everything  and  changing  power  and  channel 
assignments  to  optimize  [access  point]  performance,” 
Weismantel  says. 

Although  Airespace  is  still  awaiting  its  third  birthday, 
there’s  an  even  newer  kid  on  the  WLAN  block.  Meru 
Networks  is  shaking  things  up  with  pre-standard  QoS 
technology  that  lets  its  access  points  support  more  than 
100  clients  and  handle  30  simultaneous  voice  calls.  The 
first  products  hit  the  market  in  the  fourth  quarter  of  2003. 

“When  others  talk  QoS,  they  are  referring  to  prioritiza¬ 
tion,”  asserts  Kamal  Amand,  vice  president  of  sales  and 
marketing  at  Meru. “We  manage  collisions  in  the  air,  doing 
finegrained  QoS  both  downstream  from  [access  point]  to 
client  and  upstream  from  client  to  [access  point] .  No  one 
else  does  the  latter  without  using  proprietary  technology 
on  the  client.” 

Meru’s  proprietary  QoS  technology  is  implemented  in  its 
switches,  minimizing  the  number  of  devices  to  be  upgrad¬ 
ed  when  the  802. 1  le  QoS  standard  is  completed.The  stan¬ 
dard  is  currently  scheduled  to  be  released  in  two  phases, 
with  the  Wireless  Multimedia  Extensions  slated  for  the 
June  timeframe,  followed  by  the  Wireless  Scheduled 
Multimedia  specifications  toward  the  end  of  the  year. 


The  start-up  is  partnering  with  SpectraLink  on  the  hand¬ 
set  side,  but  providing  its  own  support  for  the  various 
PBXs.’The  PBX  integration  only  takes  about  half  an  hour,” 
Amand  says.“We  are  just  a  transport.” 

Meru  also  has  tackled  one  of  the  biggest  VoWi-Fi  hand¬ 
set  problems:  power.  In  March,  Meru  announced  sleep¬ 
mode  drivers  it  says  can  more  than  double  talk  time 
between  recharges. 

The  WLAN  vendor  is  joined  by  a  host  of  other  start-ups 
that  are  eyeing  the  VoWi-Fi  opportunity  eagerly  and  hope 
to  make  up  in  innovation  what  they  lack  in  size  and  mar¬ 
ket  share.  These  include  Aruba  Wireless  Networks, 
Chantry,  Legra  Systems  and  Trapeze  Networks. 

WLAN  veteran  Proxim  is  building  a  next-generation  Wi-Fi 
platform  designed  from  the  ground  up  to  support  voice. 
With  this  new  infrastructure,  Proxim  is  refocusing  on  the 
convergence  ofVoWi-Fi  and  the  public  cellular  networks, 
and  working  with  Avaya  and  Motorola  to  develop  an  envi¬ 
ronment  that  supports  roaming  between  LAN  and  WAN. 

Voice  client  choices 

A  lot  of  the  waves  on  the  client  side  are  coming  from 
Vocera  Communications,  which  is  going  after  the  hands¬ 
free  niche  with  a  “wearable”  device. The  Vocera  badge  can 
be  clipped  to  a  pocket  or  lapel,  or  worn  around  the  neck. 
It  is  activated  by  pushing  a  button,  and  then  controlled 
with  voice  commands. 

Calls  can  be  made  to  phone  numbers  or  names,  and  a 
one-to-many  option  allows  real-time  broadcasts  to 
groups.  This  can  be  handy  when  there  is  a  code-blue 
emergency  in  a  hospital,  a  security  incident  in  a  retail 
environment  or  a  line  down  in  a  manufacturing  plant. 

The  Vocera  badges  and  application  server  can  operate 
independently  as  a  stand-alone  communication  system, 


but  PBX  integration  is  required  if  they  are  to  send  or 
receive  outside  calls.  Vocera  is  similarly  agnostic  to  the 
specific  WLAN  infrastructure  being  used. 

Softphone  specialist  TeleSym  also  is  eschewing  formal 
relationships  with  PBX  vendors,  and  instead  using  con¬ 
nectivity  software  that  can  integrate  with  any  PBX,  says 
Mike  Houston, senior  product  marketing  manager.“We  will 
be  making  some  announcements  regarding  the  WLAN 
infrastructure  players  in  the  weeks  ahead,  however” 

Like  the  Vocera  badges,  the  TeleSym  softphones  do  not 
need  the  PBX  to  exchange  calls  with  other  IP  phones  with¬ 
in  the  campus.  They  use  a  call  registry  to  make  Session 
Initiation  Protocol-based  calls.  Houston  characterizes  the 
TeleSym  product  as  a  high-end  softphone  with  quality- 
management  capabilities.“We  recognize  the  logical  limits 
of  trying  to  manage  all  the  voice  quality  in  the  network 
core.  We  use  client-side  quality  management  that  comple¬ 
ments  QoS  technology  by  helping  out  at  the  edge.” 

The  client  everyone  is  waiting  for  is  the  dual-mode 
phone  that  will  be  able  to  roam  between  the  Wi-Fi  and 
public  cellular  environments.  Motorola  announced  its 
Seamless  Mobility  device  in  conjunction  with  Avaya  and 
Proxim,  and  is  working  with  NEC. 

Motorola  has  demonstrated  a  prototype  that  is  roughly 
the  size  of  a  cell  phone,  and  the  company  claims  to  have 
solved  the  battery-life  problem.  The  other  major  chal¬ 
lenge  was  fitting  a  multi-band  radio  into  the  device. 

“There  are  two  802.11  spectrums  inside  it  along  with  a 
GSM  spectrum”  says  Chris  White,  director  of  business 
development  and  alliances  for  Motorola’s  seamless 
mobility  group.  “Consider  the  antenna;  you  need  to 
accommodate  all  those  frequencies.  These  were  not 
small  hurdles  to  overcome.” 

Motorola  expects  to  release  the  phone  before  year-end, 
and  White  says  people  will  be  “pleasantly  surprised”  by  its 
price,  but  declined  to  elaborate. 

An  estimated  40%  of  the  U.S.  workforce  is  now  mobile, 
making  it  ripe  for  VoWi-Fi.  But, existing  products  are  full  of 
proprietary  shortcuts, and  mix-and-match  interoperability 
is  probably  years  away. 

“IP  telephony  and  WLANs  are  still  plagued  by  their  own 
immaturities,  which  get  compounded  when  the  two  are 
combined,”  concludes  Chris  Kozup,  an  industry  analyst 
with  Meta  Group.  The  industry  is  taking  a  technology 
designed  for  latency-forgiving  data  traffic  and  trying  to  re¬ 
engineer  it  to  meet  real-time  voice  requirements.  Major 
issues  that  remain  include  security  QoS,  management  and 
scalability 

The  cost  of  handsets  is  another  inhibitor.  “We  thought 
the  price  would  come  down  to  $500,  but  the  average 
street  price  in  2003  was  $566,”  says  Gemma  Paulo,  senior 
analyst  for  In-Stat/MDR.  “SpectraLink  is  not  budging,  and 
probably  won’t  until  the  QoS  standard  kicks  in.”  And 
802.1  le  leaves  plenty  of  unanswered  questions. 

On  the  bright  side,  10%  of  users  with  WLAN  infrastruc¬ 
tures  are  running  some  voice  over  them, and  another  50% 
say  they  are  considering  it,  according  to  an  In-Stat/MDR 
survey  of  358  businesses.This  may  indicate  a  groundswell 
of  interest  in  pre-standard  solutions. 

“Enterprises  with  a  lot  of  mobile  employees  within  the 
campus  have  to  ask  themselves,  ‘Who’s  using  it  already, 
and  why?”’  says  Phil  Redmond,  an  industry  analyst  with 
Gartner." What  is  my  competition  doing,  what  is  my  indus¬ 
try  doing,  and  is  my  company  behind  the  curve?” 

Breidenbach  is  a  freelance  writer  in  Nevada.  She  can  be 
reached  at  sbreide@aol.com. 
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Early  adopters  deploy  voice  over  wireless  to  gain  mobility  and  cost  savings. 


■  BY  SUSAN  BREIDENBACH 


Organizations  venturing  into  pre¬ 
standard  VoWi-Fi  waters  are 
being  driven  by  a  critical  need 
for  real-time  voice  and  data  ser¬ 
vices.  The  retail,  logistics/ware¬ 
housing,  manufacturing  and  education  sec¬ 
tors  are  among  the  early  adopters,  but 
healthcare  is  leading  the  charge. 

Rice  Memorial  Hospital  was  early  onto  the  wireless 
voice  bandwagon, installing  a  proprietary  analog  radio  fre¬ 
quency  system  from  SpectraLink  in  1995  to  augment  cel¬ 
lular  coverage  throughout  the  facility  By  late  2002  some  of 
the  SpectraLink  gear  had  been  discontinued,  and  replac¬ 
ing  broken  items  was  becoming  a  problem. 

The  Willmar,  Minn.,  hospital  wanted  to  move  to  an  IP  net¬ 
work  that  would  support  voice.“But  we  were  also  looking 
to  improve  our  cellular  coverage  in  the  building,  and 
MobileAccess  had  a  converged  platform  that  could  do 
both,” says  Jon  Barber,  the  hospital’s  telecom  manager. 

MobileAccess  uses  a  hybrid  fiber/coaxial  backbone  to 
distribute  voice  and  data  services  to  mobile  users.  Signals 
from  the  cellular  WAN  and  the  Wi-Fi  LAN  are  carried  on 
this  backbone  to  broadband  antennas  that  can  radiate 
multiple  kinds  of  services  simultaneously  Fewer  access 
points  are  required  because  each  can  have  four  antennas. 

“You  can  put  in  a  single  infrastructure,  and  then  add 
different  signal  types  later,”  Barber  says.  “And  all  the 
[access  points]  are  put  in  the  wiring  closet,  so  they  are 
easier  to  get  to.” 

Rice  was  the  first  fully  integrated  system  MobileAccess 
installed,  so  “it  was  a  painful  process,”  recalls  Barber.  Voice 
requires  a  much  stronger  signal  than  data  on  a  wireless 
LAN,  because  the  packets  have  to  be  transmitted  right  the 
first  time, and  in  a  fixed  order.  After  a  year  and  a  half,  users 
are  still  discovering  problem  spots  that  must  be  filled  in  by 
adding  an  access  point  or  an  antenna. 

The  hospital  is  now  in  the  midst  of  integrating  a  new 
nurse  call  system  with  the  SpectraLink  Wi-Fi  handsets, and 
Bauer  is  looking  forward  to  SpectraLink’s  forthcoming 
pure  IP  upgrade  that  eliminates  the  gateway  between  the 


handsets  and  the  PBX. 

“That  will  get  rid  of  equipment  in  the  switch  room,  and 
free  up  a  lot  of  digital  ports  on  my  PBX,”  Barber  says. 

While  Rice  was  evaluating  MobileAccess,  Condell 
Medical  Center  was  looking  to  replace  an  aging  wireless 
voice  network  based  on  proprietary  Avaya  access  points. 

Condell  took  a  more  typical  route,  beefing  up  its  existing 
Cisco  wireless  data  LAN  to  support  voice.The  Libertyville, 
Ill.,  medical  center  implemented  a  virtual  LAN  (VLAN)  to 
give  voice  traffic  priority,  and  added  10  to  15  access  points 
—  a  $10,000  upgrade.  The  big  cost  was  handsets,  and 
Condell  spent  $250,000  replacing  obsolete  SpectraLink 
handsets  with  Wi-Fi  models. 

“We  started  deploying  the  phones  last  year,  and  it  was 
like  opening  the  floodgate,” says  Sue  Mesmer,  communica¬ 
tions  supervisor  for  the  hospital.  Every  employee  who 
spends  time  scurrying  around  the  hospital  saw  the  bene¬ 
fits  immediately  and  the  170  phones  that  were  originally 
planned  quickly  expanded  to  280. 

The  VoWi-Fi  handsets  are  making  people  and  processes 
more  efficient,  and  the  hospital  is  finding  more  uses  for 
them.These  include  “code  blue”  broadcasts  when  there  is 
an  emergency  as  well  as  integration  with  the  nurse  call 
system  and  a  new  patient-tracking  application. The  hand¬ 
sets  have  all  the  features  of  a  desktop  phone,  and  usage 
can  be  restricted  according  to  job  category  For  example, 
the  nurses  can  make  outside  calls,  but  the  housekeeping 
staff  can’t. 

Like  the  two  hospitals,  the  State  University  of  New  York  at 
Cortland  rolled  out  a  WLAN  years  ago,  but  wireless  voice 
wasn’t  part  of  the  picture  until  recently  The  precipitating 
event  was  the  migration  of  wired  voice  to  Cisco  IP  tele¬ 
phony  early  last  year. 

“Once  we  experienced  VoIP  we  started  populating  our 
WLAN  with  wireless  IP  phones,”  says  Daniel  Sidebottom, 
director  of  administrative  computing  services.  “Because 
we  already  had  such  a  robust  foundation  in  place,  our 
deployment  costs  were  minimal  —  just  the  Cisco  1100 
and  1200  access  points  at  $600  to  $800  each,  and  Cisco 
7920  phones  that  cost  about  $350  each.” 

The  VoWi-Fi  users  are  currently  just  the  IT  support  staff, 
but  Sidebottom  expects  to  begin  deploying  the  wireless  IP 
phones  to  other  departments  by  the  end  of  the  summer. 
The  physical  plant  staff  currently  makes  extensive  use  of 
cell  phones,  and  Sidebottom  estimates  that  moving  them 


to  VoWi-Fi  could  save  the  university  as  much  as  $25,000  to 
$30,000  per  year. 

Meanwhile,  the  university  has  implemented  Vo  Wi-Fi  at  its 
Outdoor  Education  Center  in  the  Adirondacks,  some  200 
miles  away.  The  phones  keep  the  center’s  staff  in  touch 
with  each  other,  and  let  them  make  four-digit  extension 
calls  to  people  at  the  main  campus  —  avoiding  toll 
charges  that  can  add  up  to  thousands  of  dollars  each  year. 

Sidebottom  says  his  users  are  very  happy  with  the  results. 
“The  voice  quality  is  so  clear  that  you  don’t  even  notice  the 
handoff  when  you  move  between  access  points.” 

Mobility  is  supposed  to  increase  productivity,  and  St. 
Agnes  Healthcare  has  actually  quantified  some  of  these 
gains.The  Baltimore  hospital  was  the  subject  of  an  exhaus¬ 
tive  benefits  study  after  it  implemented  VoWi-Fi  with  the 
help  of  the  hands-free  Vocera  badge. 

The  study  found  that  each  healthcare  unit  in  the  299-bed 
facility  saved  an  average  of  3,400  hours  per  year,  or  the 
equivalent  of  1.7  full-time  employees.  Nurses  could  spend 
more  time  at  patient  bedsides,  improving  patient  care  and 
experiencing  a  lot  more  job  satisfaction. 

The  Vocera  badge  also  is  helping  the  Orange  County 
Library  System  in  central  Florida  stretch  resources  and 
enhance  services.  The  central  facility  is  a  290,000-square- 
foot  concrete  building  that  takes  up  an  entire  city  block  in 
downtown  Orlando,  so  enabling  any  kind  of  mobility  for 
the  150-person  staff  was  a  real  challenge. 

“We  had  just  upgraded  our  data  network  to  Wi-Fi,  and 
then  we  heard  about  this  Vocera  solution  that  was  being 
used  in  hospitals,”  says  Mary  Anne  Hodel,  the  library  sys¬ 
tem’s  director  and  CEO. The  price  tag  for  rolling  out  Avaya 
Wi-Fi  in  the  main  facility  and  13  branches,  and  deploying 
Vocera  badges  to  key  personnel  was  about  $45,000. 

No  longer  tethered  to  a  particular  station, staff  members 
can  help  library  patrons  wherever  there  is  a  need.  And 
they  are  instantly  reachable  when  someone  has  a  ques¬ 
tion  that  requires  their  particular  knowledge  set.  “We’ve 
really  ratcheted  our  customer  service  up  a  few  notches,” 
Hodel  sums  up. 

SUNY-Cortland’s  Sidebottom  says  it’s  high  time  to  get  into 
the  game. Start  small  and  learn  the  different  ways  of  imple¬ 
menting  voice  and  other  applications,  and  experiment 
with  the  various  levels  of  security  that  are  available.  “The 
standards  are  coming. You  need  to  position  yourself  to  take 
advantage  of  the  new  technology  that  is  emerging.”* 


NEW! 


Takeaways' 

Put-  to- workan^we^ 
and  technology 


NEW! 

Expertise 

Latest  industry  analysis 
and  overview 


Real-world  roundtable 
with  yOur  colleagues 


EVENT  SCHEDULE 

NEW  YORK,  NY 
June  8,  2004 
New  York  Marriott  Marquis 

ARLINGTON,  VA 
June  10,  2004 
Crystal  Gateway  Marriott 

HOUSTON,  TX 
June  15,  2004 
Hotel  Derek 

CHICAGO,  IL 
June  17,  2004 
Hyatt  Regency 


Ask  IT  managers  and  they  say: 

" Branch  offices,  telecommuters  and  mobile 
workers  create  security  nightmares.  ” 

“Never-ending  expenses." 

“ User-management  headaches." 

Corporate,  however,  tells  a  different  story: 

“Remote  office  networks  are  our  fastest-growing  need.' 
“A  crucial  competitive  edge.  ” 

“The  future  of  the  enterprise." 


How  can  network  managers  meet  the  business 
demand  and  avoid  the  downside?  Balance 
costs  with  benefits?  Protect  data  and  profits 
too?  Attend  Remote  Office  Networking: 
Central  to  Success,  a  breakthrough  Network 
World  Technology  Tour  Event.  It’s  where  you’ll 
see  solutions  that  integrate  far-flung  networks 
with  your  core  network  architecture. 
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James  E.  Gaskin 

YOU’LL  SEE  TECHNOLOGY 
IN  ACTION: 

►  hardware  VPNs  vs.  software  VPNs 

►  firewalls  for  remote  sites  the  latest  in 
authentication 

►  SOHO  tools  applicable  for  remote  offices 

►  remote  backup  and  restore  tools 

►  remote  office  disaster  recovery  solutions 

►  remote  voice  over  IP 

►  workgroup  collaboration  and  team  projects 

►  the  best  of  remote  support  options 

WHO  WILL  BE  THERE? 

►  Expert  Event  Leaders 

►  James  E.  Gaskin,  Author,  Columnist,  Adviser 

►  Toni  Kistner,  Managing  Editor  for 
Network  World 

and  professionals  who  must  implement, 
integrate  and  manage  remote  office  networks: 

►  CIOs/CSOs/CTOs 

►  VPs/Directors  of  Networking 

►  Network  Managers 

►  Business  Line  Managers 

►  Small  Business  Owners 


This  event  is  limited  to  Network  and  IT  professionals  involved  in 
the  evaluation,  purchase  and  implementation  of  remote  office 
networks.  Network  World  Events  reserves  the  right  to  determine 
total  audience  and  profile  of  complimentary 
attendees.  Paid  registration  is  also  available. 
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Innovation  in  Action 

The  InteropNet  Labs  (i La bs)  is  NetWorld+Interop's  live  test  bed  for  the 
latest  networking  technologies.  The  iLabs  puts  the  latest  networking 
technologies  to  work  solving  real  engineering  challenges  in  a  live, 
vendor-neutral,  standards-based  arena  on  the  Exhibition  floor. 


Put  It  All  Together 

The  innovation  you  witness  at  the  iLabs  can  be  a  vital  part  of  your  own 
network.  Free  educational  sessions  on  this  year's  key  technology  initiatives 
will  teach  you  the  valuable  tools  and  techniques  you  need  to  enhance  your 
current  network,  maximizing  productivity  and  effectiveness. 


Enterprise  Challenges  Demand 
End-to-End  Solutions 

The  iLabs  is  your  "front-row  seat"  to  watch  the  future  of  networking 
innovation  at  work.  Expert  engineers  develop,  implement  and  test 
new  networking  technologies  and  solutions  in  real-time,  giving  you  the 
ultimate  vantage  point  for  improving  your  own  business  infrastructure. 


Take  Your  Network  Further 

The  iLabs  will  show  interoperability  as  well  as  demonstrate  new  services 
that  can  improve  your  network's  productivity  and  cut  operational  costs. 
The  toughest  networking  challenges  are  all  in  day's  work  at  the  iLabs. 


iLabs  Key  Technology  Initiatives: 

))  Voice  over  IP  using  SIP 

The  VoIP  focus  area  will  show  interoperability  of  SIP-based  VoIP 
products,  emphasizing  real-world,  cost-efficient,  reliable  replacements 
for  traditional  telephony. 

))  LAN  Access  Security — Wireless  and  Wired 

The  key  technology  for  access  control  solutions  is  the  IEEE  802. IX  standard 
in  conjunction  with  the  IETF  EAP  standard.  The  InteropNet  Labs  LAN  Access 
Security  Initiative  will  show  how  these  technologies  can  be'used  to  control 
access  at  the  point  of  entry  to  your  network. 

))  Advanced  Internetworking,  in  collaboration  with  Isocore 
In  collaboration  with  Isocore  Internetworking  Lab  we  will  demonstrate 
a  live  Multiprotocol  Label  Switching  (MPLS)  network,  IPv4  unicast  traffic, 
latest  developments  in  IPv6  and  IPv6/IPv4/MPLS,  new  standards  for  IP 
multicast,  SLAs  using  Quality  of  Service  (QoS)  mechanisms  with  edge  and 
core  fail-over  mechanisms. 


While  you're  at  the  event,  attend 
FREE  iLabs  educational  sessions. 
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CLEAR  CHOICE  L€ 

TEST 


When  your  Exchange  server  goes  down 


MS  Exchange 
disasterrecovery 
wares 


EH  BY  TOM  HENDERSON,  NETWORK  WORLD  LAB  ALLIANCE 

-mail  availability  is  an  enterprise  business  mandate.To  that  end,  we  tested 
four  high-availability  products  for  arguably  the  most  popular  enterprise 
e-mail  system:  Microsoft’s  Exchange  Server. 

We  tested  Fujitsu/Softeks  Softek  Replicator  2.1.2;  LeftHand  Networks’ 
SAN/iQ  Software,  Remote  IP  Copy  Software  and  NSM  200  SAN  Module  combination; 
NSI  Software’s  Double-Take  for  Windows  4.3;  and  XOSoft’s  WANSync  HA  Exchange 
3.5.2  Build  45. 


WANSync  Exchange  earns  our 
Clear  Choice  designation  because  it 
adapted  quickly  to  our  setup,  presented 
clear  Exchange  installation-specific 
options,  and  required  no  subsequent  in¬ 
tervention  to  complete  the  processes  of 
failover  detection,  failover  and  bringing 
our  hotsite/back-up  site  online. 

WANSync  Exchange  also  is  clearly 
built  for  an  Exchange  environment  as  it 
reads  the  Active  Directory  the  server  reg¬ 
istry  and  Exchange  2000/2003  files,  and 
quickly  gives  an  administrator  a  profile  of 
where  things  are,  how  they’re  set  and 
options  for  synchronization  intervals.The 
other  products  tested  treat  Exchange 
more  as  a  minor  option  —  leaving  the 
Exchange  customization  details  to  ad¬ 
ministrators’  customization  and  script 
writing  skills. 

There  are  a  number  of  ways  to  increase 
availability  —  increasing  application 
platform  support  via  power  protection, 
for  example,  routing  techniques  and 
monitoring.  Our  tests,  however,  assume  a 


site’s  Exchange  servers  have  become  un¬ 
available  —  gone  from  the  network  map 
entirely.  This  mandates  Exchange  ser¬ 
vices  become  available  from  an  alter¬ 
nate  site. 

This  disaster  simulation  (see  How  we 
did  it,  page  48)  was  simple  for  us.  We 
merely  pulled  the  power  feeding  —  via 
an  SNMP  trigger  —  our  primary  site’s  two 
servers,  one  of  them  running  Exchange 
including  an  Active  Directory  Global 
Catalog  server  and  the  other  a  forest-par¬ 
titioned  server  in  the  same  Active 
Directory  domain. 

The  real  test  was  to  find  out  whether 
vendors’  implementations  could  sense 
the  primary  site  was  down,  then  recast 
the  hotsite’s  mirror  to  Exchange  users. 
After  the  power  failure  we  assessed  how 
products  detected  the  outage  (all  but  the 
Replicator  could).We  then  wanted  to  see 
the  products  bring  Exchange  services 
back  online  by  using  our  VPN  connec¬ 
tion  to  fail  over  operations  to  the  sec¬ 
ondary  site.  We  tracked  how  many  mes¬ 
sages  were  lost  during  failover  and 


clocked  time  to  availability 

WANSync  Exchange  and  Double- 
Take  for  Windows  do  this  automatically, 
but  the  latter  lost  some  messages.  Left- 
Hand  and  Fujitsu/Softek  require  manual 
intervention  to  bring  Exchange  2000/ 
2003  back  online  at  our  simulated  hot- 
site/back-up  site  location  —  and  both 
lost  messages  (see  graphic,  page  48).  It 
should  be  noted  none  of  the  products 
lost  messages  from  the  Exchange  mes¬ 
sage  stores  —  only  messages  in  progress. 

WANSync  HA  Exchange 

A  self-described  ‘switchover  solution’, 
WANSync  Exchange  is  the  only  Ex¬ 
change-specific  product  reviewed  in  this 
comparison,  although  it  does  retain 
XOSoft’s  WANSync  technology  that’s  used 
for  other  applications  such  as  Microsoft 
SQL  Server  and  Oracle  9. 

Of  two  available  deployment  options, 
we  chose  the  high-availability  one,  (as 
opposed  to  the  WANSync  “file”  method) 
which  dictated  the  necessary  steps  to 
achieve  a  replicated  server.  These  steps 


involved  developing  a  scenario  that 
brought  the  masters’  settings  together 
with  their  replicants’.  This  scenario  mir¬ 
rored  all  the  settings  necessary  for  the 
Active  Directory  DNS,  registry  entries, 
Exchange-specific  logs/file  locations, and 
Exchange  settings  to  be  replicated  to  the 
secondary  site. 

We  linked  the  source  and  replication 
server  by  making  the  replication  server  a 
‘switchover  host’  and  chose  a  replication 
name.  The  auto-discovery  process  in 
WANSync  Exchange  queried  our 
Active  Directory  and  each  host  for  its  in¬ 
formation.  It  then  offered  appropriate  de¬ 
fault  selections  of  items  such  as  source 
host  monitoring  (heartbeat,  timeouts, 
IP  pinging,  for  example)  and  let  us  run 
scripts  before  switchover  or  switchback. 

WANSync  Exchange  can  redirect 
DNS  to  point  to  the  failover  Exchange 
server,  then  change  it  back  if  necessary  at 
a  failback  point. Also,  it  can  change  the  IP 
addresses  so  that  the  remaining  live  Ex¬ 
change  server  can  be  found  if  DNS  can’t 
(or  shouldn’t)  be  changed.  In  both  cases. 


Net  Results 


WANSync HA  Exchange 
3.5.2  Build  45 


OVERALL  RATING 


Company:  XOSoft,  www.xosoft.com.  Cost 
$18,240.  Pros:  Well-tuned 
for  both  Exchange  2000 
and  2003;  astute 
deployment;  very  good 
availability.  Con:  Initial  replication  is  slow. 
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Double-Take  for  OV£8AURAT,MO 
Windows  4.3  Hu  H 


Company:  NSI  Software, 
www.nsisoftware.com.  Cost:  $17,980. 
Pros:  Management  Console  very  good 
if  devoid  of  Exchange  specifics;  second- 
fastest  availability  time.  Con:  Requires 
more  initial  configuration. 


SAN/iQ  Software. 

Remote  IP  Copy 

Software,  NSM  200  0VERAUMT,NG 
SAN  Module 


Company:  LeftHand  Networks, 
www.lefthandnetworks.com.  Cost: 
$41,500.  Pros:  Integrated  with  SAN;  fast 
replication;  manageable.  Cons:  Weak 
setup  for  Exchange;  stow  to  availability. 


Softek  Replicator  2.1.2 


Company:  Fujitsu/Softek,  www. 
softek.com.  Cost:  $26,000*.  Pro:  Least 
inexpensive  if  single  CPU  licenses  used. 
Cons:  Mirrors  Exchange,  but  doesn’t 
trigger  failover;  slow  to  availability. 


The  breakdown 

WANSync HA  Exchange 

Double-Take  for  Windows 

SAN/iQ,  Remote  IP 

Copy  and  NSM  200 

Softek  Replicator 

Availability  40% 

s 

4 

3 

2 

Installation/Configuration  30% 

4.5 

4 

4 

3 

Management  20% 

4.5 

4 

4 

4 

Documentation/Support  10% 

4 

4 

3 

3 

TOTAL  SCORE 

4.65 

4 

3.5 

2.8 

Scoring  Koy:  5:  Exceptional;  4:  Very  good;  3:  Average:  2:  Belov/  average;  1:  Consistently  subpar 
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Ik  A'orkWorid  5/3/04  Clear  Choice  Test 


Tracking  failover  performance 

While  XOSoft’s  WANSync  HA  Exchange  required  the  longest  initial  server  synchronization  time,  the  product 
earned  our  Clear  Choice  honors  for  its  ability  to  fail  over  quickly  without  dropping  pending  messages. 


Time  for  initial 

Average  time 

Number  of  dropped 

synchronization 

to  availability 

message  transactions  ! 

;  ; 

via  10M  bit/sec  link 

after  failure  (1) 

during  failure  (2) 

XOSoft  WANSync  Exchange  643  minutes  18  minutes  0 


NSI  Software  Double-Take  for  Windows  530  minutes  23  minutes  5 

. . — - -  ■  ...  - -  - -  .  ..  .  . . 

LeftHand  Networks  SAN/iQ  Software,  Remote  521  minutes  72  minutes  6 

IP  Copy  Software,  NSM  200  SAN  Module 

Fqjitsu/Softek  Replicator  536  minutes  82  minutes  24 

- - — 

Note  that  these  scores  are  specifically  for  Exchange  2000/2003,  not  for  other  uses  or  applications. 

(1)  Average  of  two  synchronizations. 

(2) Twenty-four  transactions  are  pending  when  primary  server  is  shut  down. 


mail  readers,  and  flush  their  DNS  cache  as 
we  had  to  do. 

Oddly.  WANSync  ^  Exchange  was  the 
slowest  of  all  four  products  tested  to  per¬ 
form  an  initial  synchronization  of  the  mes¬ 
sage  and  public  folder  store  in  our  tests, 
which  took  more  than  10  hours  (see  track¬ 
ing  Failover  Performance  chart,  right). 

There  are  three  levels  of  replication  be¬ 
tween  WANSync  “master”  and  “replica” 
servers. The  initial  synchronization  takes 
place, using  options  that  let  large  chunks  of 
data  be  replicated  at  a  time.  Moving  the 
chunk  size  from  small  to  large  made  no  dif¬ 
ference  in  WANSync’s  slow  data  copying  as 
far  at  the  initial  replication  is  concerned. 
Subsequent  replication  is  done  either  at 
the  block  level, or  at  the  file  level. Either  file- 
level  or  block-level  replication  was  suffi¬ 
cient  to  let  WANSync  Exchange  keep 
all  of  the  24  messages  in  queue  at  the  fail¬ 
ure  point  —  on  the  replica  server. 

Fallback  is  the  reverse  of  failover,  and  for 
all  of  the  applications  tested,  the  time  to  re¬ 
synch  was  slightly  faster  (but  proportional) 
because  most  files  were  already  populated 
on  our  disabled  Exchange  Servers. 

Of  the  four  products  tested,  only 
WANSync  ^  Exchange  prevented  any 
outgoing  messages  from  being  lost  at  the 
time  of  failure.  WANSync  ^  Exchange 
can  auto-discover  many  Exchange  facets 
such  as  file  locations,  Exchange  specifics 
and  logs. 

The  WANSync  Manager  is  the  core  man¬ 
agement  application.  It  uses  a  Microsoft 
Management  Console-like  layout  that 
allows  fast  perusal  of  paired  (mirror  and 
replica)  servers,  their  settings  and  the  set¬ 
tings  that  are  made  for  failover. 


NSI  Double-Take  For  Windows 

Double-Take  for  Windows  is  a  block-level 
replication  system.  Sources  of  datasets  (dri¬ 
ves,  volumes  and  folders)  are  identified. 
Then  target  storage  areas  are  calculated  for 
size  and  subsequently  allocated  for  repli¬ 
cation.  In  many  installations,  one  target 
might  suit  several  data  sources,  but  for 
Exchange,  NSI  recommends  a  one-to-one 
allocation  if  the  targets  are  going  to  be 
used  for  subsequent/possible  failover.  The 
mirroring  took  530  minutes  to  replicate  our 
datasets,  consisting  of  Exchange  executa¬ 
bles  and  Exchange  stores  for  both  of  our 
two  primary  site  servers. 

This  initial  synchronization  was  simple  to 
set  up  and  deploy  but  additional  steps  such 
as  batch  file  configuration  and  finding 
Exchange  files,  for  example,  are  required. 

In  our  two-forest,  two-Exchange  server  ex¬ 


ample  in  which  we  simulated  a  headquar¬ 
ters  and  a  manufacturing  branch  topology 
four  licenses  of  Double-Take  were  re¬ 
quired,  but  only  two  licenses  of  Exchange 
server  were  required. 

When  failover  occurs  —  as  detected  by  a 
failure  threshold  that  can  be  set  for  com¬ 
munication  between  servers  —  the  soft¬ 
ware  triggers  options  you  set  in  a  recom¬ 
mended  batch  file  that  calls  NSI’s  Exch- 
Failover  command.  This  command  starts 
Exchange  on  the  failover  hardware  and 
sets  DNS  information  to  the  target  server. 

Although  we  had  no  failures  in  our  tests, 
NSI  recommends  that  you  monitor  pro¬ 
cesses  that  failover  closely  because  of  un¬ 
predictable  results  when  Exchange  services 
start.  We  also  successfully  attempted  fail- 
back  with  this  product,  which  is  a  method 
to  repopulate  the  source  when  it  became 
available  again. 

Double-Take  for  Windows  uses  a  32-bit 
Windows  application  called  the  Manage¬ 
ment  Console  by  which  you  can  control  all 
aspects  of  the  product.  Icons  display  server 
status  and  the  properties  of  the  server 
(such  as  items  managed,  logs  info  and  so 
on)  can  be  easily  seen  in  the  GUI.  There’s 
also  a  command-line  interface  available  to 
manually  enter  stop, start,  failover  and  other 
commands. 

LeftHand  Networks 

LeftHand  provided  the  full-meal  deal  in 
the  form  of  a  storage-area  network  (SAN) 
running  its  SAN/iQ  Remote  IP  Copy  appli¬ 
cation.  Because  LeftHand  completes  100% 
of  its  clients’  installations,  we  let  its  engi¬ 
neers  install  the  SAN  and  software  in  our 
lab. The  SAN  and  software  combination  — 
called  the  Network  Storage  Module  (NSM) 
—  is  mirrored  from  site  to  site. 

The  SAN  comprised  two  rackable  RAID 
frames  with  eight  drives  in  each.The  drives 
were  configured  in  what  LeftHand  calls  a 
RAID  10  configuration  (actually  RAID  5/2 
combination)  along  with  its  software.  In¬ 
stallation  of  the  hardware  took  about  an 
hour  with  two  people;  initial  software  instal¬ 
lation  took  half  that. 

We  set  up  two  stores  at  each  ‘site’  for 
each  Exchange  server  running  at  that  site 
on  one  NSM. 


NSMs  swap  snapshots  of  data  from  a 
source  to  a  target.  If  the  data  link  speed  be¬ 
tween  NSMs  supports  it,  frequent  snapshots 
can  be  taken  and  sent  from  source  to  tar¬ 
get.  Because  there  are  fluctuations  in  mail 
server  transactions,  frequent  snapshots 
need  to  be  taken  to  ensure  transactions 
aren’t  lost.  The  product  can  be  tuned  so 
that  frequent  snapshots  are  taken. 

We  initially  connected  to  the  LeftHand 
Networks  SAN  with  a  notebook  and  null- 
modem  serial  cable.The  devices  are  mir¬ 
rored  together  over  IP  —  outside  of  the 
connection(s)  to  the  Exchange  Servers. 
The  required  IP  connectivity  doesn’t  like 
network  address  translation,  and  therefore 
requires  a  virtual  LAN  or  VPN  connection 
between  sites.  We  used  a  Point-to-Point 
Tunneling  Protocol  VPN  connection. 

The  NMS  is  configured  for  four  para¬ 
meters:  size  and  type  of  Windows  NT  File 
System  volume,  output  bandwidth  to 
use  (bandwidth  can  be  throttled  to  opti¬ 
mize  links),  snapshot  information  and 
scheduling. 

The  management  tools  provided  with  this 
product  were  useful,  but  not  necessarily  in¬ 
tuitive.  Replacing  a  failed  drive  stymied  us 
until  we  read  through  the  help  screens  be¬ 
cause  we  couldn’t  understand  the  proce¬ 
dure  from  the  documentation. 

The  Exchange-specific  recommendation 
we  followed  asked  that  once  a  failover  had 
occurred,  that  you  make  your  way  through 
27  steps  to  bring  Exchange  back  online  at 
the  hotsite/back-up  site.  We  did  this,  twice, 
and  the  steps  worked. 

The  most  onerous  of  these  steps  was  to 
bring  Exchange  online  at  the  recovery  site 
in  Recovery  mode,  which  added  more  than 
an  hour  to  the  point  where  we  could  bring 
either  version  of  Exchange  back  online. 

Documentation  comes  in  three  sets,  one 
for  Remote  IP  copy,  one  for  SAN/iQ  and 
one  for  the  SAN200  installation.  They’re 
good  and  descriptive  documents,  although 
the  Exchange-specific  information  came 
via  a  PDF  rather  than  through  the  docu¬ 
ments.  The  Exchange  instructions  were 
good  enough. 

The  fact  that  the  LeftHand  Networks 
NSMs  can  replicate  a  number  of  platform 

See  Exchange,  page  50 


#  How  We  Did  It 


We  performed  two  test  cycles  per  product,  one  each  with  Exchange  2000 
running  on  Windows  2000  Advanced  Server  and  one  running  with  Ex¬ 
change  2003  on  Windows  2003  Enterprise  Server. 

We  used  an  Exchange  installation  of  500  user  accounts,  an  Active  Directory  con¬ 
taining  the  same  number  of  users  and  a  mail  store  of  30G  bytes.  We  partitioned 
the  servers  into  500  total  users  at  two  sites,  the  first  site  having  300  and  the  other 
200.  We  also  created  a  public  shared  folder  store  within  Exchange  with  10G  bytes 
of  data. 

Site  A  comprised  two  Compaq  DL360G3  servers  (twin  3.0GHz  P4  CPUs;  1G  byte 
DRAM)  connected  by  Emulex  2FC  controllers  into  a  storage-area  network  (two 
independent  JMR  Fortra  non-cached  RAID  5  drives)  via  a  Brocade  Silkworm  3800 
2FC  switch.  This  network  was  connected  via  lOBase-T  (768K  bit/sec  to  simulate  a 
WAN  connection  speed)  link  to  an  identical  network  at  Site  B.  The  exception  to 
this  was  the  test  setup  for  LeftHand,  which  uses  its  own  storage. 

The  second  hotsite/standby  site  had  a  primary  and  secondary  server  available 
for  each  product.  We  connected  the  two  sites  via  a  Point-to-Point  Tunneling 
Protocol  VPN.  How  the  products  were  installed  to  pick  up  or  have  concurrent 
availability  varied  widely:  See  the  individual  product  test  experiences  for  specifics. 

One  of  the  servers  was  an  Active  Directory  Global  Catalog  Server  with  300 
users,  and  the  other  had  200  users  as  a  partition  of  the  forest  of  users.  The  prima¬ 
ry  site-  had,  therefore,  two  servers,  not  identical  in  storage  or  users.  We  used 
VMWare  GSX  (from  EMC)  running  on  Micron  servers  (twin  3.2GHz  P4s  with  2G 
bytes  of  DRAM)  to  simulate  24  users  making  transactions  in  a  pattern.  Once  the 
"u’o-rn  started  and  at  exactly  the  same  place/time  during  each  test  run,  we 
p Tied  the  plugs  on  the  server.  This  process  demonstrated  whether  the  messages 
v.ore  being  replicated  in  near-real  time  or  whether  the  message/block/l/O  replica- 
tiO')  met  nod  c-f  the  application  used  snapshots  every  so  often,  and  would  miss  the 
messages  that  were  in  the  Exchange  servers  —  but  not  sent  —  correctly. 


A  server  engineered  to  deliver  on  both  sides 

v/ 

of  the  price/performance  equation. 


The  HP  ProLiant  DL380  G3  gives  you  true  high  performance  at  a  truly  affordable  price  .  While  our  Intel®  Xeon™  processor- 

powered  HP  ProLiant  DL380  G3  server  certainly  offers  blazing  performance,  the  engineers  behind  it  would  challenge  you  to  rethink  the  definition  of 
performance  entirely.  Consider,  for  example,  what  happens  when  you  need  to  add  a  storage  device  to  a  typical  server— the  server  must  be  powered 
down,  and  your  productivity  drops  to  zero.  This  fact  led  us  to  design  hot-pluggable  technology  on  the  DL380  that  allows  you  to  swap  out  a  number  of 
key  server  components,  including  the  reliable  and  efficient  HP  DAT72h  tape  backup  solution  without  ever  interrupting  server  operation.  The  DL380  and 
DAT72h  also  feature  space-saving  designs,  and  server  management  is  easy  yet  robust  thanks  to  our  ProLiant  Essentials  Software.  Demand  more  uptime 
and  more  real  performance  from  a  server.  And  demand  more  value,  from  HR 


HP  ProLiant  DL380 
G3  SERVER 


$3,018 

One  Intel®  Xeon™  processor  3.06GHz  with 
512KB  cache  (upgradable  to  2  x  3.20GHz) 

1GB  PC2100DDR  SDRAM  (12GB  maximum)' 

Integrated  Lights-Out  (iLO) 
management  (standard) 

ServerWorks  GC-LE  Chipset 
Integrated  Smart  Array  5i  Plus  Controller 
Three  available  PCI-X  slots  (2  hot  pluggable) 
Two  NC7781  PCI-X  Gigabit  NICs  (embedded) 


Enhance  your  system. 


HP  STORAGEWORKS  DAT  72h 

HOT-PLUG  TAPE  DRIVE 

—  Industry-standard  DDS  technology 

•*  Up  to  36GB  native  capacity  on  a  single 
tape,  72GB  at  2:1  compression* 

—  HP  StorageWorks  One-Button  Disaster 
Recovery  (OBDR)  restores  your  entire 
system  at  the  touch  of  a  button 

—  Up  to  3MB/s  native  data  transfer  rate, 
6MB/s  with  2:1  compression 

$1,349 

(after  $150  instant  savings)* 


*HP  StorageWorks  DAT  72h  offer  good  through  5/31/04. 


BUY  NOW 

Click  www.hp.com/go/proliantesg9 


Call  Toll  Free 


Reductions  taken  at  time  of  purchase.  HP  StorageWorks  DAT  72h  hot-plug  tape  drive  otter  ends  5/31AJ4.  Other  restrictions  may  apply.  Prices  shewn  are  HP  direct  prices;  reseller  and  retail  prices  may  vary.  Prices  shown  are  subject  to  change  and  do  not  include  applicable  state  and  local  taxes  or :  ; 
address.  United  order  quantities-  Otters  carrot  be  combined  with  any  other  otter  or  discount  and  are  good  while  supplies  last.  Promotions  void  where  prohibited  a  restricted  by  law.  HP  reserves  the  right  to  modify  or  withdraw  these  promotions  at  any  time.  HPFSC  reserves  the  right  to  charge  a  u . 
any  time  without  notice.  'For  hard  drives.  GB=billion  bytes.  All  featured  offers  available  in  U.S.  only.  Intel,  Intel  Inside,  the  Intel  Inside  logo  and  Intel  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  U.S.  and  other  courtnes.  ©2004  Hewlett-Packard  (Xvx  <-  '• 
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stores  —  including  Linux,  Windows  2000, 
Windows  2003  and  numerous  file  systems 
—  is  to  its  benefit, but  in  terms  of  high  avail¬ 
ability  specifically  for  Exchange,  it  lagged 
the  competition. 


Softek  Replicator  2.1.2 

Similar  in  many  ways  to  Double-Take, 
Softek  Replicator  is  hardware-independent 
and  uses  a  device  driver  that  intercepts 
data  to  be  written  to  disk.  The  driver  then 
manages  writing  the  data  to  disk  and  trans¬ 
ferring  it  to  a  target  server.  These  pairs  are 
mirrors  of  each  other.  Softek  journals  en¬ 


tries  to  store  updates  that  might  leave  the 
mirrored  pair  replicated  incorrectly 
Softek  pays  special  attention  to  transac¬ 
tional  commitment  in  the  relational  data¬ 
base  sense  because  its  driver  notifies  appli¬ 
cations  when  transactions  are  complete. 
Softek  Replicator  can  operate  in  asynchro¬ 
nous,  synchronous  or  near-synchronous 


modes.  The  synchronous  mode  won’t  re¬ 
turn  control  to  an  application  until  the  pri¬ 
mary  and  mirrored  devices  have  been  suc¬ 
cessfully  written  to.  Asynchronous  mode 
will  wait  until  buffers  fill  to  transmit.  We 
couldn’t  find  tuning  points  that  optimized 
this  without  losing  messages. The  near-syn¬ 
chronous  mode  is  a  trade-off  that  lets  a  pre¬ 
defined  ceiling  be  established  before 
Softek  Replicator  makes  an  application 
wait  until  records  have  been  written  to  the 
primary  and  mirrored  pair  servers. 

Softek  Replicator  doesn’t  automatically 
start  a  mirrored  server  recovery  of  Ex¬ 
change.  It  might  not  even  know  that  the  pri¬ 
mary  site  has  been  blown  to  bits. 

Recovery  to  availability  of  Exchange2000 
or  Exchange  2003  required  that  we  use  a 
manual  restoration  with  the  Exchange  re¬ 
covery  utility  We  started  Exchange  2000  or 
2003,  then  started  the  recovery  process  of 
the  database  (message  store)  and  transac¬ 
tion  logs.  All  of  Exchange’s  components 
must  be  on  a  volume  that  is  not  used  for 
paging  (such  as  the  ‘C:’  volume  of  most 
every  Exchange  server)  because  Softek 
Replicator  can’t  mirror  that  volume. 

Softek’s  expertise  in  MS  SQL  Server  repli¬ 
cation  doesn’t  translate  well  to  Exchange  in 
terms  of  high  availability  Softek  Replicator 
can  mirror  Exchange  quite  effectively  but 
in  terms  of  knowing  what  Exchange  is 
doing,  the  software  is  barely  there. 

Custom  tools  and  scripts  will  have  to  be 
built  by  the  user/administrator  to  1)  detect 
the  state  of  the  back-up  server,  2)  auto¬ 
mate  the  process  of  terminating  the  repli¬ 
cant  pair’s  relationship,  and  then  3)  restore 
Exchange  server  in  an  orderly  manner  — 
the  data’s  there  but  Softek  Replicator 
doesn’t  do  this  for  Exchange. 

Conclusion 

These  products  represent  four  ways  to 
increase  Exchange  availability 

At  the  high  end  of  the  pricing  chart,  Left- 
Hand  Networks  provides  a  holistic  solution 
—  all  of  the  storage  components  are  in¬ 
cluded  for  organizations  that  find  them¬ 
selves  facing  mushrooming  storage  prob¬ 
lems  —  and  in  need  of  all  of  the  bits  to 
make  the  solution  work. 

But  it’s  very  clear  that  the  features  of  an 
Exchange-specific  product,  XOSoft’s  WAN- 
Sync  ^  Exchange,  make  a  big  difference 
in  how  effective  it  can  be  in  getting  Ex¬ 
change  servers  back  up  and  running  after 
a  disastrous  situation. 

Henderson  is  managing  director  of 
ExtremeLabs  of  Indianapolis.  He  can  be 
reached  at  thenderson@extremelabs.com. 


Do  You  Need  To 


keep  your  network  secure  with 
SSWv2,  SNMPv3,  TACACS? 


transport  gigabits 
of  data  over  fiber? 

(multimode  A  to  2km?) 


deploy  802.3AI- 
Ethernet  services: 


MMBBBiftaBU 


Transport  gigabits  of  data 

with  MRV's  WDM  solutions. 

Plus,  extend  the  life  of  your  fiber  with 
our  broad  line  of  media  converters. 


MRV  has  been  a  pioneer  in  Ethernet  Access,  Optical  Transport,  and 
Management  &  Control  solutions  for  over  15  years.  World-class 
companies  choose  MRV  for  unlimited  connectivity  options. 


Turn  to  us  for  your  Connectivity  Unlimited™  needs 


mrv.com/nw 


Deploy  Ethernet  services 

to  your  business  customers  with 

MRV's  wide  range  of  Ethernet 
i  Service  Demarcation  products. 

Keep  your  network  secure 

with  MRV's  secure,  remote  console 
and  power  management  solutions. 

i  •  " 
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MONDAY  MAY  10 


UMWIlriilliTiV, 

8  a.m  to  5  p.m. 

Network  Forensics  Day 

Moderator:  Bill  Alderson,  executive  net 
analyst,  Pine  Mountain  Group 

Although  budgets  slowly  are  coming 
back,  network  managers  still  need  to 
optimize  the  wares  they  already  have. 
They  need  a  tactical  approach  to  solv¬ 
ing  complex  problems  on  their  network. 
That's  the  goal  of  this  all-day  education 
program,  which  Alderson  says  will  give 
network  managers  responsible  for 
delivering  applications  to  end  users 
what  they  need  to  know  “from  client  to 
server  applications  and  all  points  in 
between." 

Sponsored  by  troubleshooting  vendors 
such  as  Finisar,  Fluke  Networks  and 
Opnet,  this  session  will  give  attendees 
the  key  process  and  people  skills  to  de¬ 
termine  the  source  of  a  problem  and 
solve  it  quickly.  The  session  leaders  will 
reveal  2004’s  top  10  problems  affecting 
performance  and  reliability.  It  also  will 
offer  practical  ways  to  address  them. 

This  event  also  will  give  attendees  the 
chance  to  raise  their  top  issues  and  ask 
sponsors  about  how  they  will  address 
them. 


8:30  a.m.  to  4:30  p.m. 

Tutorials  and  Workshops: 
Understanding  Voice  over  IP 

Moderator:  David  Oran,  Cisco  fellow 

About  half  of  the  more  than  360 
attendees  that  participated  in  an  N+l 
survey  say  they  already  use  VoIP  or 
have  plans  to  implement  the  technology. 

This  workshop  will  provide  a  system- 
level  understanding  of  how  voice  can  be 
applied  to  legacy  and  telephone  applica¬ 
tions.  This  session  covers  most  aspects 
of  VoIP  systems,  from  endpoint  audio 
processing  through  media  transport 
and  quality-of-service  concerns,  plus 
security  and  topical  areas  such  as  net¬ 
work  address  translation  and  firewall 
traversal.  Oran  says  the  session  will 


WM.D+INT 


^  corporate  IT  executives  begin  to  dust  off  their  check- 

books  this  year,  NetWorld+Interop  Las  Vegas  2004  is 
the  place  to  learn  about  leading-edge  technologies, 

X  mission-critical  applications  and  emerging  security 

strategies  —  all  designed  to  give  organizations  a  competitive  edge,  optimize 
their  networks  and  protect  them  from  potential  threats. 

Industry  analyst  firms  such  as  IDC  and  Forrester  report  technology 
spending  is  on  the  rise  this  year,  and  show  planners  are  banking  on  it. 
According  to  them,  the  goal  for  N+l  2004  is  to  provide  IT  buyers  with 
accurate  and  actionable  information  about  relevant  technologies  emerging 
in  the  coming  months. 

“We  really  tried  to  look  at  it,  ‘Yes,  the  industry  is  coming  back,  but  buyers 
still  need  to  dig  more  deeply  to  make  purchases,'"  says  Steve  Wylie,  direc¬ 
tor  of  content  for  N+l.  "IT  buyers  have  to  justify  their  purchases  from  both 
a  business  and  a  technology  point  of  view.” 

From  performance  to  wireless  to  security  to  data  center  and  storage,  this 
year's  N+l  will  offer  the  expected  20,000  attendees  a  virtual  catalog  of  tech¬ 
nologies.  More  than  320  exhibitors  —  up  about  25%  from  last  year's  show  — 
will  showcase  their  latest  wares,  and  show  planners  narrowed  conference 
tracks  down  to  six  areas:  performance;  wireless;  security;  infrastructure 
and  services;  data  center  and  storage;  and  collaboration  and  VoIP. 

"This  year  we  have  dedicated  conferences  on  subjects  that  IT  managers 
need  to  consider  from  both  a  technology  point  of  view  and  a  business  one," 
says  Lenny  Heymann,  general  manager  of  N+l.  "We  have  attendees  coming 
from  large  companies  with  large  budgets,  and  as  things  continue  to  pick  up 
in  the  industry,  we  want  to  show  them  the  whole  picture." 


provide  an  overview  and  a  good  founda¬ 
tion  for  this  technology. 


TUESDAY  MAY  11 


10:30  to  11:30  a.m. 

Network  World  Mini  Showdown: 
Security:  Build 
it  or  buy  it? 

Moderator:  John 
Dix,  editor  in  chief, 

Network  World 
Panel:  Bruce 
Schneier,  founder 
and  CTO  of 
Counterpane 
Internet  Security,  a  managed  security 
services  firm;  and  Nir  Zuk,  CTO  of 
security  equipment  provider  NetScreen 
Technologies. 


Network  World’s  Dix  will  take  to  the 
Interop  Theater,  Exhibitor  Floor  to  offer 
attendees  the  chance  to  hear  product 
and  strategy  directions  from  top  ven¬ 
dors  in  a  debate  format. 

Enterprise  security  demands  are 
responding  to  ever-more  daunting 
threats  and  legal  requirements  to  safe¬ 
guard  data.  But  customers  face  a  fun¬ 
damental  question:  Is  it  best  to  buy 
components  and  piece  together  best- 
of-breed  custom  defenses,  or  simply 
procure  security  as  a  service  and  leave 
the  driving  to  the  experts? 

For  network  professionals  such  as 
Dan  Skielnik,  a  network  analyst  with 
Ford  Motor,  this  session  is  a  must-see. 
Skielnik,  who  will  be  attending  N+l  for 
the  first  time  this  year,  says  securing 
data  center  infrastructure  is  an  area 
of  specific  interest  to  him.  Fie  man¬ 
ages  one  of  Ford's  Dearborn,  Mich., 
data  facilities. 


John  Dix 


"With  all  the  new  viruses  and  worms 
out  there,  security  is  becoming  a  big 
issue  for  everyone  in  the  industry," 
Skielnik  says.  He  adds  that  Ford  has 
seen  virus-  and  worm-related  traffic 
jump  dramatically  in  its  network  over 
the  last  few  years. 

“Increasing  security  everywhere  is  a 
priority,  but  especially  in  our  data  cen¬ 
ters,  because  that's  where  our  critical 
systems  are,"  he  says. 

10:30  to  11:45  a.m. 

Focused  VoIP  Case  Studies: 
Assessing  IP  Telephony 

Moderator:  Robin  Gareiss,  principal 
research  officer,  Nemertes  Research 
Panel:  Elliott  Zeltzer,  chief  infrastruc¬ 
ture  architect,  Gedas  USA  (technology 
subsidiary  of  Volkswagen);  Ron  Pike, 
telecommunications  manager,  EDAW; 
Philip  Brody,  CTO,  Clark  County  School 
District;  John  Haltom,  network  director, 
technology  management,  Erlanger 
Health  System. 

For  many,  VoIP  is  a  subject  they  only 
hear  vendors  talk  about,  but  this  ses¬ 
sion  is  for  those  who  want  to  hear  real- 
world  VoIP  users  talk  about  the  technol¬ 
ogy.  IT  professionals  answer  these  criti¬ 
cal  questions:  Which  vendors  did  you 
assess,  and  why  did  you  choose  or  not 
choose  each?  What  were  the  toughest 
problems  to  overcome  during  imple¬ 
mentation?  What  do  you  want  vendors 
to  focus  on  in  the  coming  year? 

The  panel  also  will  answer  questions 
from  the  audience. 

3:30  to  4:45  p.m. 

The  Next  Killer  App:  Voice  Over 
WLAN 

Moderator:  Eric  Krapf,  managing  edi¬ 
tor,  Business  Communications  Review 
Panel:  Matthew  Glenn,  director,  product 
management,  Airespace:  Michael 
Frendo,  vice  president,  Voice  Systems 
Engineering  Division,  Voice  Technology 
Group,  Cisco;  and  Ben  Guderian,  direc¬ 
tor  of  marketing,  SpectraLink. 

For  those  attendees  looking  to  hear 
about  bleeding-edge  technologies,  VoWi- 
Fi  industry  leaders  will  detail  exactly 
how  voice-over-WLAN  technologies  can 
be  implemented,  and  the  tools  and  tac¬ 
tics  IT  managers  will  need  to  get  them 
in  place. 

4:30  to  6  p.m. 

Interop  Booth  Crawl 

To  keep  network  professionals  mo' : 
vated  to  travel  from  booth  to  o  ; 
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Network  World  to  nail  testing  at  N+l 


etwork  World  is  the  exclusive  media  sponsor  of 
the  InteropNet  Labs,  NetWorld+Interop's  live  test 
bed  designed  to  give  attendees  hands-on,  unbi- 
«$5*.  ^  ased  insight  into  the  state  of  emerging  technolo¬ 

gies.  ILabs  is  located  on  the  show  floor  (Booth  111),  open  to 
all  attendees  and  runs  during  exhibition  hours. 

This  year  iLabs  will  focus  on  three  areas:  interoperability  of 
Session  Initiation  Protocol-based  VoIP  products;  wired  and  wireless  LAN 
access  security;  and  Multi-protocol  Label  Switching  IP  v.4  and  v.6  interoper¬ 
ability  and  MPLS  multicast  capabilities. 

(For  more  information  about  iLabs,  go  to  www.nwfusion.com, 
DocFinder:  1730.) 

Network  World  will  supplement  the  iLabs  education  program  with  the 
Network  WorldTesting Track.  In  these  interactive  sessions,  Network  World 
Lab  Alliance  members  will  discuss  how  to  develop  test  methodology,  offer 
advice  on  the  testing  process  pitfalls  and  outline  which  prod 
ucts  should  be  on  your  testing  short  list. 

Network  WorldTest  Lab  Alliance  partner  Joel  Snyder  will 
conduct  aVPN  Design  and  Deployment  Workshop  on 
Monday,  May  10. This  daylong  session  will  cover  the  results 
of  testing  completed  for  Network  World  and  hands-on  infor¬ 
mation  he's  acquired  from  implementing  VPNs  at  customer 
sites.  Snyder  will  cover  everything  from  VPN  clients  to  Secure  Sockets 
Layer  (SSL)  VPNs,  providing  hints  on  how  to  get  a  real  VPN  installed  in  a 
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David  Newman 
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Joel  Snyder 


real  network.  (Fora  description  of  this  work¬ 
shop,  go  to  DocFinder:  1731.) 

OnTuesday,  alliance  partner  David  Newman 
of  Network  Test  will  explore  the  considera¬ 
tions  of  testing  10G  Ethernet  network  gear. 

On  Wednesday,  Snyder  will  hone  in  on  testing 
SSL  VPN  products.  OnThursday,  alliance 
partner  RodneyThayer  will  give  tips  on  how  to  effectively 
test  intrusion-prevention  system  and  intrusion-detection  sys¬ 
tem  products  using  open  source  tools.  All  sessions  will  be 
held  from  2  to  3  p.m.  in  Room  N115.  (For  more  about  these 
sessions,  go  to  DocFinder:  1732.) 

Lab  Alliance  partner  and  network  collaboration  specialist 
Christine  Perey  will  act  as  the  chairperson  and  moderator  of 
the  CollaborationTheater  presentations  to  be  conducted  on  the 
show  floor  throughout  the  week.  As  part  of  the  Collaboration 
and  VoIP  Pavilion  (Booth  127),  speakers  from  participating  ven¬ 
dors  that  ship  VoIP  hardware  and  software,  streaming  media 
delivery  tools,  videoconferencing  technologies,  portal  software, 
instant  messaging  and  collaboration  software  suites  will  use  the  theater  to 
engage  attendees  in  interactive  discussion  that  will  help  them  better  understand 
existing  and  emerging  collaboration  technologies. 

—  Christine  Burns 
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The  Global  Leader  in  Application  Traffic  Management 


Visit  us  at  booth  #2035  and  in 
the  Performance  Pavilion 

www.f5.com 


Creating  The 
Application  Aware 
Network 


Successfully  deliver  your  business-critical 
applications  with  F5's  intelligent 
application  traffic  management 
architecture.  Our  BIG-IP®  and  FirePass® 
solutions  include  a  common  language 
we  call  iControl®.  It  provides  a  way  for 
your  applications  and  network  devices 
to  communicate.  The  result?  An 
"application  aware"  network  that 
ensures  applications  are  securely  and 
optimally  delivered  -  every  time. 


Forum  System’s  offers 

A  COMPREHENSIVE  SUITE  OF 
TRUST  MANAGEMENT  AND 
THREAT  PROTECTION  PRODUCTS 
FOR  THE  AUTOMATED  WEB. 

Forum  Sentry™ 
Forum  XWall™ 

Forum  Presidio™ 

OFFER  PRECISION  PROTECTION 
OF  ENTERPRISE  INFORMATION 

and  Web  services  from 

THE  NETWORKS  EDGE  TO  THE 
APPLICATION  SERVER. 

FORUm*3'3'3Ltlll‘3 

THE  LEADER  IN  WEB  SERVICES  SECURITY 

BOOTH  #521 


Show  Planner  NetWorld+Interop  2004  5  3  04  NetworkWorid  ||| 


N+l  and  vendor  sponsors  will  feature  free  food  and 
drink  after-hours  on  the  show  floor.  This  interactive 
event,  combined  with  the  increased  floor  traffic  for  the 
Best  of  Interop  Awards  program,  will  give  attendees  a 
casual  atmosphere  in  which  to  check  out  vendor  booths. 
Vendors  will  have  designated  areas  for  attendees  to  eat, 
drink  and  network. 


WEDNESDAY  MAY  12 


10  a.m.  to  4  p.m. 

2nd  Annual  Iron  Chef  of  Information 
Security  Competition 

Moderator:  World  Organization  of  Webmasters 

Booth  1951 

Whether  you're  a  fan  of  the  popular  television  pro¬ 
gram  “Iron  Chef"  on  the  Food  Network  or  you  just  like 
to  see  IT  professionals  scramble  against  a  deadline, 
you  should  check  out  this  event  sponsored  by  the 
World  Organization  of  Webmasters  (WOW).  According 
to  WOW,  this  event  will  challenge  network  and  security 
engineers  to  evaluate  and  fix  the  security  vulnerabili¬ 
ties  present  in  an  Internet  DMZ  architecture. 
Contestants  will  submit  two-person  teams  of  network 
and/or  security  engineers  who  will  identify  and  fix 
security  problems  in  a  pre-configured  network  and 
server  architecture. 

The  event  will  be  held  live  during  the  conference  and 
give  the  audience  a  first-hand  look  at  how  security 


professionals  perform  their  jobs.  The  competition  will 
be  a  head-to-head  format  with  each  team  competing 
against  the  clock  and  the  other  teams. 

mmwiumm 

10:30  to  11:30  a.m. 

Network  World  Mini  Showdown: 

The  New  Data  Center 

Moderator:  John  Gallant,  editorial  director, 

Network  World 
Panel:  Israel  L'Heureux,  CTO 
and  Founder,  Redline 
Networks;  and  Prabaka r 
Sundarrajanm,  CTO  and  exec¬ 
utive  vice  president  of  strate¬ 
gic  planning,  NetScaler. 

Network  1/Vor/c/  this  year 
began  its  exploration  of  the 
new  data  center.  The  new  data 
center  is  a  re-envisioning  of  the 
traditional,  physical  data  center  concept  that  recog¬ 
nizes  the  increasingly  distributed  and  virtualized 
nature  of  computing  and  applications,  and  the  chang¬ 
ing  needs  of  the  extended  enterprise  and  mobile  end 
users.  In  this  new  data  center  environment,  applica¬ 
tions  and  resources  exist  beyond  device  boundaries 
and  require  design,  security  and  management  skills 
that  accommodate  such  a  shift. 


In  this  special  session,  Gallant  will  moderate  a  presi¬ 
dential-style  debate  between  two  innovative  vendors 
of  equipment  for  the  new  data  center.  Gartner  has 
cited  Redline  and  NetScaler  for  their  visionary 
approach  to  Web-enabling  applications,  and  attendees 
will  hear  from  the  companies’  top  executives  about 
their  divergent  strategies  and  product  sets.  The  com¬ 
panies'  executives  will  field  questions  from  Gallant, 
each  other  and  the  audience  in  this  lively  session  that 
will  cut  through  the  hype  and  help  you  prepare  for  the 
new  data  center. 

3:30  to  4:45  p.m. 

Data  Privacy:  A  Corporate  Imperative 

Moderator:  Michelle  Dennedy,  chief  privacy  officer, 
Sun 

As  more  companies  deploy  Web-based  services, 
they  also  could  be  opening  a  door  to  data  piracy.  This 
session  will  focus  on  how  to  do  more  than  trust  the 
public  when  corporate  data  is  involved.  Dennedy  will 
discuss  how  to  ensure  that  e-business  initiatives  suc¬ 
ceed,  yet  also  protect  the  data  of  customers,  partners 
and  employees.  Dennedy  will  detail  the  numerous 
legal,  technical,  public  policy  and  communications 
issues  that  are  involved  in  data  privacy  today  and 
share  best  practices  in  creating  a  cohesive  privacy 
practice. 


John  Gallant 
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remote  KVM  control  via  IP 

►  Full  BIOS  level  access  through  Web  Interface 

►  Up  to  6  simultaneous  and  independent  remote  users 

►  Remote  power  cycling 

►  Multipurpose  serial  ports 

►  No  additional  software  or  hardware  required 

►  128  SSL  encryption  with  other  specialized  security 
features 
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with  one  solution 

LAN,  WAN,  802.1  la/b/g,  Gigabit 


www.networkinstruments.com/nine 

1.800.526.5958 

O  2004  Network  Instruments,  UX.  Observer,  Network  Instruments  and  the 
Network  Instruments  logo  are  registered  trademarks  of  Network  Instruments.  IXC. 


Om  i.l 

Advanced  Network  Troubleshooting 
for  Enterprise  Networks 

Don’t 
just  sniff, 


take 

a  Peek! 

www.wildpackets.com/dontjostsniff 


NETWORLD  +  INTEROP  Booth  2523 


IS1  Neiwoi'kWorld  5  3  04  Show  Planner:  NetWorld+Interop  2004 


5  to  6  p.m. 

Keynote  address:  John  Chambers,  presi¬ 
dent  and  CEO,  Cisco 

Attendees  will  get  the  chance 
to  hear  the  leader  of  the  network 
giant  discuss  the  company's 
plans,  its  strategic  vision  and 
where  it  sees  networking  in  the 
future.  Chambers  will  highlight 
how  building  intelligence  into  the 
foundation  of  the  network  allows 
companies  to  maximize  produc¬ 
tivity  and  profitability  while  pro¬ 
tecting  business-critical  informa¬ 
tion,  applications  and  processes.  An  intelligent  infor¬ 
mation  network  can  maximize  end-to-end  network 
performance;  dramatically  improve  the  network's  abil¬ 
ity  to  identify;  prevent  and  adapt  to  threats;  and  offer 
integrated  features  that  support  new  network  ser¬ 
vices  and  applications. 

6:30  to  8:30  p.m. 

Security  Lounge  at  The  Beach 

The  Interop  After  Dark  Lounges  are  after-hours 
gatherings  geared  toward  networking  with  peers  and 
entertainment  after  the  show  floor  closes. 

The  After  Dark  Lounge  events  are  designed  for 
attendees  and  exhibitors  to  build  relationships  in  a 
casual  environment.  Those  looking  for  inside  tips  on 


security  or  wanting  to  connect  with  peers  should  take 
the  time  to  chat  about  security  after-hours  and  enjoy 
the  free  food  and  drink. 


THURSDAY  MAY  13 


8:30  a.m.  to  5:30  p.m. 

Wireless  LAN  Installation,  Management  and 
Security 

Moderator:  Chris  Elliot,  escalation  engineer,  Cisco 

Network  designers,  network  managers,  network  sup¬ 
port  and  CTOs  should  not  miss  this  all-day  session  that 
will  teach  them  to  install,  manage  and  secure  802.11 
wireless  LANs  (WLAN). 

Elliot  will  cover  usability,  reliability  and  security  tech¬ 
niques,  and  help  attendees  determine  the  best  wireless 
practices  for  their  networks.  The  presentation  also  will  in¬ 
clude  a  demonstration  of  commercial  and  free  tools  avail¬ 
able  for  installing  and  maintaining  wireless  networks. 

Among  the  specifics  Elliot  plans  to  cover  are  wireless 
standards,  link  layer  security,  RADIUS  authentication 
servers  and  security  at  higher  layers.  Also  on  the  agen¬ 
da  is  implementing  wireless  virtual  LANs  to  support  dif¬ 
ferent  classes  of  users  on  one  infrastructure  and  ensur¬ 
ing  your  networks  are  not  vulnerable  to  all  known  secu¬ 
rity  issues. 

“This  is  a  must-attend  for  any  network  administrator,” 


says  Rob  Enderle,  principal  analyst  at  Enderle  Group. 

2:15  to  3:30  p.m. 

Consolidating  Network  Functions  in  the 
Data  Center 

Moderator:  Peter  Sevcik,  president,  NetForecast 
Panel:  Raj  Kanaya,  vice  president,  product  strategy 
and  alliances,  NetScaler;  Dan  Matte,  vice  president, 
product  management  and  marketing,  F5  Networks; 
Craig  Stouffer,  vice  president,  marketing,  Redline 
Networks. 

This  session  will  help  network  managers  get  a  better 
handle  on  data  center  resources  and  ensure  their  sys¬ 
tems  are  available  and  dynamic.  Sevcik  and  company 
will  discuss  systems  that  improve  availability  in  the  data 
center  and  the  network.  Learn  about  advances  in 
devices  that  control  resource  availability.  The  session 
also  describes  new  management  methodologies  that  are 
critical  to  understanding  and  controlling  high  availability. 
The  speakers  present  case  studies  of  large,  complex 
systems  that  have  achieved  excellent  availability. 

More  online! 

Go  to  www.nwfusion.com  for  an  unabridged 
planner  DocFinder:  1841 
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Server  Remote  Control 

Complete  control  of  your  remote  servers  is  only  a  click  away 
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Introducing  Server  Remote  Control  -  The  most  powerful 
KVM  Control  Over  IP  solution  the  world  has  ever  seen 

What  makes  it  so  powerful? 

•  Exclusive  Virtual  Drive  Technology  allows  you  to  upgrade  and  install  files  on  your 
servers,  anywhere  in  the  world 

•  BIOS  level  keyboard,  mouse  and  video  control  over  remote  servers 

•  Save  thousands  on  travel  costs  to  server  locations 
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Now  you  can  be  everywhere  you  need  to  be.  Instantly.  Because  now  you  can  access,  diagnose  and  monitor  servers  -  even  the  worst 
server  problems  -  in  any  location  in  the  world  without  ever  leaving  your  chair.  With  Raritan's  19  years  of  innovation  in  the  Data 
Center,  you  now  have  the  newest  and  most  dependable  choice  for  an  integrated  KVM  over  IP  switch:  Dominion  KX.  It's  a  plug-and- 
play  appliance.  It's  incredibly  scalable.  It  works  even  when  your  network  is  down.  And  by  encrypting  all  KVM  data,  including  video, 
KX  provides  the  industry's  most  secure  KVM  over  IP  technology.  It's  the  KVM  option  that  will  make  other  options  obsolete. 


To  schedule  a  test  drive,  call  1-800-724-8090  x925  or  visit  us  at  www.raritan.com/925 
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The  KX  Digital  KVM  Switch 
is  one  part  of 

RARITAN'S  DOMINION  SERIES. 

The  complete  Data  Center 
Management  Solution 
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■  CAREER  DEVELOPMENT 

■  PROJECT  MANAGEMENT 

■  BUSINESS  JUSTIFICATION 


Calculating  costs  of  WLANs 

WLAN  switch  prices  and  features  are  all  over  the  map.  Here’s  help  sorting  through  the  offers. 


■  BY  JOHN  COX 

To  know  if  you’re  getting  what  you  pay  for 
in  a  wireless  LAN  switch, you  have  to  know 
what  you  want  and  what  the  vendor  has. 

As  the  accompanying  chart  shows,  WLAN  switch  pric¬ 
ing  is  quite  variable.The  products  differ  widely  in  terms  of 
the  features  they  have,  how  well  the  same  features  are 
implemented,  the  number  of  WLAN  access  points  they 
support,  and  which  features  are  standard  and  which  are 
optional. 

Think  of  your  WLAN  purchase  as  a  system,  not  a  box, 
and  price  it  accordingly  “A  lot  of  people  get  caught  up  in 
what  the  access  point  costs  or  the  wireless  switch  costs,” 
says  Joshua  Wright,  a  former  network  engineer  with  John¬ 
son  &  Wales  University  in  Providence,  R.LThey  forget  that 
with  Vendor  A,  1  [also]  have  to  buy  a  separate  VPN  or 
RADIUS  server,  but  with  Vendor  B,  all  this  comes  in  one 
package.” 

While  at  the  university,  Wright  guided  the  purchase  of 
WLAN  switches  and  access  points  from  Aruba  Wireless 
Networks.  He’s  now  director  of  training  at  SANS 
Institute,  a  computer  research  and  training  firm  in 
Bethesda,  Md. 

Bruce  Burke,  network  manager  for  Pacific  Exchange, 
an  options  trading  floor  in  San  Francisco,  says  that  some 
senior  managers  initially  thought  he  could  shop  at  a 
local  electronics  store  and  pick  up  a  few  of  the  wireless 
access  points  aimed  at  home  users.  “We’re  not  talking 
about  a  little  office  switch  deployment,”  he  says.  He 
spent  time  educating  management  about  what  was 
needed  for  a  WLAN  that  would  be  reliable  enough  for 
the  Exchange. 

The  decision  cycle  at  Pacific  Exchange  took  about  three 
weeks  last  fall  for  the  relatively  small  deployment  of  two 
Airespace  switches  for  redundancy  and  10  access  points. 
But  it  took  about  three  months  at  Johnson  &  Wales 
because  the  university  was  looking  for  a  set  of  products 
that  could  be  deployed  on  a  larger  scale,  and  to  at  least  a 
half  dozen  remote  campuses  across  the  U.S.,and  more  in 
the  future. 

Pacific  Exchange  had  suffered  from  an  existing  802.11a 
WLAN  that  kept  crashing  the  critical  trading  applications. 
Coverage  was  spotty  because  of  architectural  issues, 
including  reflective  surfaces  and  a  range  of  building 
materials.  An  analysis  convinced  Burke  that  the  new 
WLAN  needed  mountings  that  could  accept  different 
types  of  antennas,  and  radio  management  features  to 
adjust  the  radio  signal  strength  of  each  access  point. 

Johnson  &  Wales  had  a  wide  range  of  requirements  be¬ 
fitting  a  large-scale  deployment.  One  of  the  most  impor¬ 
tant  was  the  support  for  Layer  3  roaming  —  a  user  could 
move  from  one  WLAN  subnet  to  another  without  having 
to  change  IP  addresses. The  school  also  needed  support 
for  several  security  technologies:  802.  IX  authentication, 


VPNs  and  captive  Web  portals. 

The  requirements  then  guided  both  organizations 
through  the  evaluation  of  product  features.  They  were 
especially  useful  in  figuring  the  real  cost  of  a  WLAN 
deployment. 

“What  surprised  us  was  how  much  the  total  solution 
cost  us  overall,”  Wright  recalls.  However,  he  declined  to 
discuss  that  figure. 

The  cost  of  the  hardware  and  software  products 
are  only  part  of  the  overall  cost  of  your  WLAN  deploy¬ 
ment.  There  are  many  hidden  costs  of  tying  a  WLAN  to 
existing  authentication,  security  and  administration 
systems. 

“If  you  have  a  separate  [WLAN]  network  management 
system,  you  have  to  set  it  up  and  configure  it,”  says  Matt 


Dillon,  principal  consultant  with  INS,  an  IT  services  and 
integration  company.  “Then  you  have  to  integrate  it  with 
your  security  access  system,  which  is  a  lot  of  administra¬ 
tive  time.” 

One  INS  customer  had  a  remote-access  control  (RAC)  sys¬ 
tem  that  worked  fine  for  about  100  users.  A  proposed  enter¬ 
prise  WLAN  jumped  the  number  of  RAC  users  to  more  than 
500,  so  the  customer  had  to  spend  tens  of  thousands  of  dol¬ 
lars  to  replace  the  existing  RAC  system  to  handle  the  higher 
level  of  authentication  processing. 

Installation  including  Ethernet  cabling  can  cost  $75  to 
$150  per  access  point,  Dillon  says.  He  says  a  thorough  site 
survey  is  essential.  Technical  support  capabilities  and 
costs,  and  other  issues  such  as  a  vendor’s  financial  stabil¬ 
ity  and  product  road  map,  are  other  variables  to  consider. 

“You  need  to  look  at  the  components  of  the 
system  and  ask  what  would  it  [cost]  to  expand 
the  WLAN,  or  increase  the  coverage  area,  or 
extend  it  to  another  office,”  Burke  says. 

In  evaluating  product  features  against  re¬ 
quirements,  Burke  and  Wright  each  nar¬ 
rowed  down  a  handful  of  vendors  to  a  cou¬ 
ple,  which  were  subjected  to  more  detailed 
examination  in  documents  and  meetings. 

In  both  cases,  vendors  were  required  to  sub¬ 
mit  pricing  proposals  that  outlined  the  cost  of 
the  hardware  and  software  components  of 
their  proposed  package. 

“They  were  all  dying  for  [our]  business,” 
Burke  says.  “They  [offered]  pretty  heavy  dis¬ 
counts, ’’though  he  wouldn’t  elaborate. 

When  Wright  conducted  the  evaluation  last 
summer,  he  found  the  smaller  vendors  were 
more  flexible  in  pricing  than  companies  like 
Cisco. 

Burke,  Wright  and  others  say  now  is  a  good 
time  for  buying  WLANs.  “The  WLAN  market 
right  now  is  favorable  for  customers,”  Wright 
says.  ■ 


WLAN  procurement  and  pricing 

Component  costs  for  wireless  LAN  switch  systems  vary 
widely,  as  do  their  feature  sets,  making  a  simple  price 
comparison  impossible. 

Users  need  to  look  at  the  cost  of  the  total  WLAN  system 
to  see  component  prices  in  the  proper  context. 


Vendor 

High-end 

switch 

Two-radio 
access  point 

Other 

Airespace 

4102:  $13,125 

$550 

Net  management: 
$1,000 

Aruba 

5000:  $20,000 

$500 

Intrusion-detection 
software:  $8,000 

Chantry 

BM  1200: 
$45,000 

$395 

No  additional 
elements 

Symbol 

WS  5000: 
$7,500 

$390 

Net  management: 
$5,000 

Trapeze 

MX -400: 
$22,000 

$550 

RF  management: 
$2,000 

Extreme 

WLAN 
blade:  $3,000 

$800 

Alpine  switch:  $7,000 

Source:  Vendors 


Getting  to  the  right  price 


participating  in  Network 
World's  "Virtual 
Showdown:WLAN 
Switches" 

DocFinder:  1640 


•  Remember:  Right  now,  WLAN  • 

buyers  are  in  a  strong  position. 

•  Know  exactly  what  yourWLAN 

requirements  are  and  what  product 
features  satisfy  these.  • 


Use  an  RFP;  get  prices  for  each 
element  of  the  WLAN  system, 
including  any  third-party  products 
you'll  need. 

Consider  service  and  support,  the 
company’s  stability,  its  product  road 
map  and  its  future  pricing  plans. 

Realize  all  pricing  is  negotiable, 
although  the  degree  will  vary  with 
the  vendor. 

Bargain  hard. 
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more 

space? 
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Storage  Solutions 


►  NAS  -  Network  Attached  Storage  (Embedded)  ►  DAS  -  Direct  Attached  Storage*  ►  SAN  -  (FC-SATA,  FC-FC) 

■  . . 

Storage  technology  protocols  Key  differences  among  competition: 


►  ATA 

►  SATA 

►  SCSI 

►  FIBRE 


►  7x24  global  support 

►  Online  and  real-time  depot  parts  express 

►  Channel  program  to  enhance  Xtore’s  business  partners  profitability  (XVP) 

►  Highly  compatible  solution  with  certified  third  party  partners 


►  Visit  our  website 

www.xtore-es.com 


•Direct  Attached  Storage  (ATA,  SCSI.  SATA.FC) 


US  Headquarters  :  1 7959  E.  Ajax  Circle  /  City  of  Industry, CA  91 748 

Phone:  (626)  581-7015  /  Fax:  (626)  581-7065  /  E-mail:  sales@xtore-es.com 

©  Copyright  2004  •  All  rights  reserved  to  Xtore  Extreme  Storage,  Inc.  Concept  and  Design  by  Bluesky133.com 
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Control  your  server  room  from  your  desktop 

Add  KVM  over  IP  access  and  control  to  any  server  or  KVM  switch. 
Take  total  BIOS  level  control  of  your  servers  anywhere,  anytime. 
Why  settle  for  remote  access  when  you  can  have  complete 
CLICK  AND  CONNECT™  remote  control  over  IP! 


Check  out  the  advantages  of  KVM  over  IP  control 


Avocent,  the  Avocent  logo,  SwitchView  and  CUCK  AMO  CONNECT  are  trademarks  or  registered  trademarks  of  Avocent  Corporation  or  its  affiliates.  pcAnywhere  is  a 
registered  trademark  of  Symantec  Corporation.  ©  Copyright  2004 


Control 


SwnoMfw  n  •• 

KVM  over  IP 
access  and  control 

for  less  than  $1000 

Available  from  your  favorite  catalog, 
online  retailer  or  authorized  reseller 


•  Access  any  server  via  a  web  browser 

SwitchView™  IP 

✓ 

pcAnywhere®  1 

✓  J 

•  Connect  and  control  your  PC  throughout  the  hoot  process 

✓ 

I 

•  Access  and  control  any  server  even  if  the  OS  is  down 

✓ 

1 

•  Add  IP  remote  access  to  any  existing  KVM  switch 

✓ 

1 

•  Works  with  any  operating  system.  BIOS  level  control 

✓ 

i 

•  No  software  required  on  the  target  server 

✓ 

I 

Risk  Free 

30-day  moneyback  guarantee 


www.avocent.com  866.286.2368 
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AKE  IT  HAPPEN. 


Custom  Management  Levels 

OBSERVER 

•  Decode  over  500  protocols 

•  Long-term  network  trending  &  analysis 

•  Real-time  statistics 


EXPERT  OBSERVER 

•  What-lf  Modeling  Analysis 

•  Expert  Analysis 

•  Connection  Dynamics 

OBSERVER  SUITE 

«  Complete  SNMP  device  management 

•  Supports  full  RM0N1,  RM0N2,  HCRMON 

•  Web  Publishing  Reports 


Remote  &  Hardware  Options 

REMOTE  NETWORKING  PROBES 

•  Fully  distributed 

•  Monitor  up  to  64  NICs  simultaneously 

•  New  levels  of  problem  solving  collaboration 


GIGABIT  &  WAN  HARDWARE  OPTIONS 

•  Portable  analyzer  systems 

•  Rack-mount  Probes  ready  to  go 

•  Direct,  passive  link  for  independent  views 


US  &  Canada  Toll  free:  (800)  52.6-5958  •  Fax:  (952)  932-9545  •  UK  &  Europe:  +44  (0)  1959  569880 


www.networkinstruments.com/nine 

©  2004  Network  Instruments,  LLC.  All  rights  reserved.  Observer,  Network  Instruments  and  the 
Network  Instruments  logo  are  registered  trademarks  of  Network  Instruments,  LLC. 


Test-drive  the  new  Observer  9  today  and  see  how  it  immediately 
finds  problems  you  didn’t  know  you  had,  optimizes  network  traffic 
and  provides  insight  for  future  planning.  Call  800-526-5958  for 
a  full  featured  evaluation  or  visit  our  website  at 

www.networkinstruments.com/nine 


Introducing  Observer  9 

•  New  Application  Analysis 

•  Remote  probes  now  provide  multi-interface  and 
multi-session  support 

•  Industry-first  4GB  packet  capture  buffer 

•  Wireless  Site  Survey  Modes 

•  Nanosecond  resolution 

•  Now  over  450  Expert  Events 

•  SNMP,  RMON  and  now  HCRMON  support 


NETWORK 

INSTRUMENTS 


One  Network  Complete  Control  Wired  to  Wireless  •  LAN  to  WAN 
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How  does  your  rack  really  stack  up? 


Take  the  APC  Rack  Challenge  and  find  out  how 
the  New  NetShelter®  VX  outperforms  your  brand. 

Whether  you  are  consolidating  servers,  relocating  your  data  center,  or  centralizing 
distributed  networks,  selecting  the  right  brand  of  enclosure  is  crucial  to  successful 
implementation.  Take  the  APC  Rack  Challenge  today  to  make  sure  your  facts  and 
your  racks  really  stack  up. 


THE  APC  RACK  CHALLENGE 


Name: 


Title: 


Company:  Phone: 

Address: 

How  many  racks  do  you  currently  have  installed? 

Features  to  expect  in  today's 

IT  rack  enclosures 

NetShelter®  VX 
(AR2101BLK) 

no  side  panels 

Compaq  Rack 
10000  Series 

(245161 -B21) 

no  side  panels 

Your  rack  brand  here: 

r  —  —  —  —  —  —  —  —  —  ^ 

1  1 

1  1 

1  1 

Integrated  rear  power  distribution 
channels  that  provide  zero-U, 
toolless  mounting  of  basic, 
metered,  and  switched  rack-mount 
power  distribution  units. 

0 

& 

/*”  S\ 
t  r 

v_/ 

Integrated  rear  cable  management 
channels  that  allow  efficient  cable 
routing  and  easily  accessible 
cable  containment. 

0 

& 

/” 

t  1 

s_/ 

Available  with  scalable 
cooling  options  to  support 
heat  densities  up  to  7.5kW*. 

0 

*5 

/  \ 

t  i 

Exceeds  major  server  requirements 
for  front  door  ventilation. 

0 

0 

/  \ 

l  4 

V./ 

Meets  or  exceeds  warranty 
requirements  for  all  major  servers. 

0 

0 

*» 

/  \ 

1  1 

N  _  ✓ 

InfraStruXure  compatible. 

Seamlessly  integrates  into  APC's 
modular,  manageable,  pre-engineered 
data  center  architecture. 

0 

& 

/”  S\ 
i  r 

\  _  * 

Vendor  neutral  rack  configurator 
designed  to  support  most  third  party 
servers  and  networking  devices. 

0 

& 

i  i 

5-year  warranty 

M 

X 

/**  "\ 

X  1 

v   / 

"Fits  Like  a  Glove"**  money  back 
guarantee  that  all  IT  equipment 
will  fit  in  the  rack. 

8 

'\ 

1  4 

N  _  / 

mmm 

DELL  •  CISCO  •  LUCENT  1 

Compare!  Savings 
k  of  almost  40% 

s1039 

*1359 

!$  ! 

1  1 

t  1 

1 

TAKE  THE  RACK 
CHALLENGE  TODAY! 


Online: 

http://promo.apc.com  •  Key  Code  q795y 


By  Fax: 

1)  Fill  in  your  business  information, 
indicate  your  rack  brand  of  choice, 
and  check  off  the  applicable  fields. 

2)  Fax  the  completed  Rack  Challenge 
to  the  following  number: 

Fax  401-788-2797 


I  took  the  ^ 
APC  RACK 
CHALLENGE! 


RECEIVE 
YOUR  FREE  T-SHIRT 


Be  one  of  the  first  100  respon¬ 
dents  and  receive  a  FREE  "I  took 
the  APC  Rack  Challenge"  T-shirt! 


Designed  specifically  for  the  cabling, 
cooling  and  security  demands  of  today's 
IT  environments,  the  NetShelter®  VX  is  a 
complete  infrastructure  compatible  with  a 
full  range  of  integrated  APC  components. 
Vendor-neutral,  all  you  need  to  add  are 
the  servers  of  your  choice. 


NetworkAIR™  RM  Air  Distribution  Unit 


Unique  2U  rack-mounted  fan 
unit  delivers  additional  cool 
air  and  improves  circulation. 


1U  Rack-mount  LCD 
Monitor/Keyboard  Drawer 

Maximizes  space  in 
data  center  environments. 


Environmental  Monitoring  Unit 

Monitors  ambient  temperature,  e 
humidity  and  other  environmental 
conditions  in  racks. 


Rack-mount  PDU 

Provides  up  to  5.7kW  of  power, 
eliminating  the  need  for  multiple 
outlet  strips  per  rack.  Available  for 
both  single-  and  3-phase  input  power. 


*  Based  on  APC  Internal  Research  and  testing.  **  See  link  on 
promotions  page  for  terms  and  conditions,  f  Source  of 
average  pricing:  www.HP.com.  Prices  may  vary  or  change 
from  time  to  time.  Not  applicable  to  other  SKU's  or  models. 


Legendary  Reliability 


©2004  American  Power  Conversion  Corporation.  All  Trademarks  are  the  property  of  their  owners  •  Call:  888-289-APCC  x6715  E-mail:  esupport@apcc.com  •  132  Fairgrounds  Road,  West  Kingston,  Ri  02892  US  »  . 
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Mi 


intelligent  Serial  Port  Switch  with 

nternal  Modem 


B  internal  33.6  Kbps  Modem 


wtl.ca*, 


m  Secure  Dialback  Feature 
B  Password  Protection 
B  invalid  Access  Lockdown 
B  Periodic  Modem  “AT”  Refresh 
B  Seven  RS232  DB-9  Console  Ports 
B  Any-to-Any  Port  Switching 
B  Non-Connect  Port  Buffering 
B  Data  Rate  Conversion  300  to  115K  bps 
B  AC  and-48  DC  Power  Options 


WWW. 


The  APS-8M  Asynchronous  Port  Switch  is  a  cost 
effective  Terminal  Server  alternative,  plus  you  get  an  internal  modem 
which  saves  rack  and  cabling  hassles.  Connect  multiple  devices  for  on-site 
and/or  dial-up  remote  communications.  High  data  throughput,  full  modem 
and  data  flow  control  all  add  up  to  make  the  APS-8M  the  perfect  data  switch 
or  today’s  remote  network  management  applications. 


Wti.  COm  (800)  854-7226 


APS-8M 

asynchronous 
PORT 

switch 


western  telematic  incorporated  Celebrating  our  40th 

5  Sterling  •  Irvine  •  California  926  1  8-25  1  7  Year  in  DataCom 


“Keeping  the  Net.. .Working!” 


EQUINOX 

an  Avocent  Company 


Secure  Console  Port  Management 

Extend  Your  Reach 


One  Equinox  Way,  Sunrise  FL  33351,  email:  sales@equinox.com  or  for  international  customers  email:  intlsales@equinox.com. 

C  2004  Avocent  Corporation.  Equinox  and  AVWorks  are  registered  trademarks  of  Avocent  Corporation  or  its  affiliates.  All  other  marks  are  the  property  of  their  respective  owners. 


Relax  and  fix  the  problem  from  virtually  anywhere. 

When  critical  servers  or  network  equipment  malfunction, 
the  Equinox  CCM  console  manager  and  AVWorks® 
management  software  give  you  the  tools  to  securely  and 
quickly  restore  normal  functionality  from  anywhere. 


Extend  your  reach 


Available  in  8,  16 
and  48-ports. 


Otal  Acce*. 
Clwml 


For  your  free  white  paper  on 
Best  Practices  for  Secure 
Console  Port  Management  visit 

www.equinox.com/ccm4 

For  a  30-day  product  evaluation 
call  1-800-275-3500  ext.  247  or 
954-746-9000  ext.  247 


*  To  be  provided  in  future  upgrade  for  the  48-port  model. 


Linux  Server 
Unix  Server 
Windows  Server 
Router 
Switch 


Power 

Control 


SSH 
Client 

AVWorks 
Software  Client 


CCM  Console  Manager  features: 

■  SSH  v2/Telnet  host  ■  In/out  of  band  access 

■  Strong  authentication  ■  Point  and  click  access 

■  Offline  buffering  to  serial  consoles,  KVM 

■  SUN  break  safe  and  power* 


Power  Co  :rol 
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What’s  Your 
‘Current’  Load? 


Verify  Amps  Used  per  Circuit 
with  Sentry  Input  Current  Monitor 

•  Precisely  measure  the  current,  in  amps, 
for  each  power  circuit 

•  Prevent  overloads  on  existing  power  circuits 

•  Reduce  costs  for  additional  power  circuits 

•  Overcurrent  alarms 

•  Remote  Measurement  via  IP  or  RS-232 

•  Local  Measurement  via  digital  display 

Sentry  Power  Tower.  Equipment  Cabinet  Solutions. 


Server  Technology,  Inc. 


1040  Sandhill  Drive  Reno,  Nevada  8951 1  USA 
web:  www.servertech.com  toll  free:  1.800.835.1515 


o 

Famatech 


How  fast  can  you  get  to  your 
server,  if  you  are  1000  miles 
away?  Two  hours  by  plane. 
Fourteen  hours  by  car.  A 
month,  if  you  run.  Only  a  few 
seconds  with  RADMIN. 

RAOMIN  is  a  reliable  and 
secure  remote  control 
software  designed  to  work  on 
and  monitor  the  remote 
computers  just  as  if  they 
were  right  there  in  front  of 
you.  RADMIN  proved  itself 
as  incredibly  fast  and  easy  to 
learn  and  use.  RADMIN  is  a 
complete  remote  control 
solution  with  such  features  as 
file  transfer,  NT  security, 
Telnet  and  multiple 
connections  support  built  in. 


See  details  at: 

www.radmin.com 

e-mail:  sales@radmin.com 


Take  control  of  your  network,  systems  and  application 
infrastructure  before  it  controls  you.  OpManager  provides 
integrated  management  for  IT  infrastructure. 

Move  to  integrated  management  Try  OpManager  today.. 

Available  for  Linux,  Solaris  and  Windows 


Matters 


ellence 


■ 


Keep  IT  simple 


ManageEngine 

OpManager 

Network,  Systems  and  Application  Management 
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SERVERS  WITHIN  YOUR  REACH 
FROM  ANYWHERE 


RackVfew™ 

KVM  RACK  DRAWER  WITH  KVM  SWITCH  OPTION 


Rose  Electronics 
10707  Standiff  Road 
Houston,  Texas  77099 


ROSE  US  +281  933  7673 

ROSE  EUROPE  +44(0)1264  850574 

ROSE  ASIA  +65  6324  2322 

ROSE  AUSTRALIA  +617  3388  1540 


j  ..'Axy^switch.^ijoivs- Single  or  Multiple 

•  o  $ave:  lecjaU  Or  remote  access  to 
Computers  located  In  .server  rooms  or 
. t  bo  the?  desktop  Regardless  of  their  platforms 
aAd  obefdtira;'sysfcems.  KVM  switches  have 


V  *ixa$tj6n'dl(|jr  provided 'cost  savings  in  reducing 


Recognized  as  the  pioneer  of  KVM  switch 
:  technblogy/Rose  Electronics  offers  the 
'IndyStiY's.roost-comprehensive  range  of 
-  /  server  management  products  such  as  KVM 
:i.  s Witches,  extenders  and  remote  access 
saiutTohs;.  Rose€lectr6n(cs  products  are, 
known  for  their  quality,  scalability,  ease  of  use 

V''  and innovative .technology.  ■ 

' 

.  - 

Rose  Electronics  is.  privately  held  with  world- 
headquarters  in  Houston,  Texas  and  sells  its 
:  products  worldwide  through  a  large  network  of 
Resellers  and  Distributors.  Rose  has 
operations  in  the  United  Kingdom,  Spain, 
Germany,  Benelux,  Singapore  and  Australia. 


•  Connects  1,000  computers  to  multiple  user  stations 
over  IP  or  locally 

•  High  quality  video  up  to  1280  x  1024 

•  Scaling,  scrolling,  and  auto-size  features 

•  Secure  encrypted  operation  with  login  and  computer 
access  control 

•  Advanced  visual  interface  (AVI) 

•  No  need  to  power  down  servers  to  install 

•  Free  lifetime  upgrade  of  firmware 

•  Available  in  several  models 

•  Easy  to  expand 

800  333  9343 

WWW.ROSE.COM 


•  Connects  up  to  1000  computers  to  a  KVM  station 

•  Models  for  4,  8,16  computers 

•  Advanced  visual  interface  (AVI) 

•  Compatible  with  Windows,  Linux,  Solaris,  and  other  O/S 

•  Connects  to  PS/2,  Sun,  USB,  or  serial  devices 

•  Converts  RS232  serial  to  VGA  and  PS/2  keyboard 

•  Free  lifetime  upgrade  of  firmware 

•  Security  features  prevent  unauthorized  access 

•  Full  emulation  of  keyboard  and  mouse  functions  for  automatic, 
simultaneous  booting 

•  Easy  to  expand  _  _ 

U§\RQ5E 

XT^electronics 


UltraConsole 

PROFESSIONAL  SINGLE-USER 
KVM  SWITCH  SUPPORTS  UP 
TO  1000  COMPUTERS 


UltraMatrix  Remote 

REMOTE  MULTIPLE  USER 
KVM  MATRIX  SWITCH 
ACCESS  OVER  IP  OR  LOCALLY 


Attention  Resellers! 


SECUREMATICS 

The  Right  decision  for  Security  Products 

Best  Source  for  SONICWALL 
Security  Products! 


LIMITED  TIME  OFFER! 

•  Earn  1  FREE  SontcU  e*Training 

Class  for  every  $15K  in  SonicWALL 
purchases  from  Securematics.” 

*  New  SonicWALL  Resellers  will  receive  1  FREE 

SonlcU  Electronic  Training  Course  with  purchase 

of  any  Demo  Unit  _ 

1 

J 

i 

V. 

Securematics  is  a  SonicWALL  Authorized  Distributor  &  Training  Partner 
To  sign  up  for  the  Medallion  Partner  Program,  please  contact  us. 

Call  -  888-746-6700  sales@securematics.com  www.securematics.com 
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WWW.RECURRENT.CQM 


Systems/FeatwesTMemory 


GBlCs/Cables/Parts 

Also  Available:  Extreme,  Adtran 

in  Stock  •  Fast  Delivery  •  No  Expedite  Charges 


COMSTAR,  INC. 

The  #1  Network  Remarketer 

952*835*5502 

Fax  952*835*1927  www.comstarinc.com 


Ethernet/Web 

Rack  Mounted 

Temperature 

Air  Flow 

Monitor  Multiple  Cabinets 

Humidity 

HTML  (no  client  needed) 

Door  position 

SMTP  (e-mail  alerts) 

Sound 

SNMP  (MIB,  Traps) 

Light  Level 

Graphing 

Power 

Video  optional 

16  external  sensors 

Console 

O  IT  Watchdogs 

See  it  working  at: 

www.ITWatchdogs.com 

http://63.237.104.17 

512-257-1462 

WWW.SUITCASE.COM 


Luggage,  Fine  Leather  Goods,  Gifts,  and  more! 

Tumi,  Hartmann,  Andiamo,  Samsonite,  Cross 

10%  discount  for  Network  World  readers 
Enter  code  NWW2004 


Advertising  Supplement 

IT  Careers  in  Security/Defense 


With  pronouncements  of  hiring  tens  of  thousands 
of  employees,  it  becomes  clear  that  the 
government  agencies  and  corporations  working  in 
support  of  security  and  defense  offer  some  of  the  best 
opportunities  for  information  technology 
professionals.  The  "gotcha"  is  whether  you  have  or 
can  qualify  for  a  security  clearance. 


The  focus,  in  terms  of  security  and  defense,  is  on 
converging  data,  making  it  available  to  multiple 
users,  and  mining  the  data  for 
intelligence/knowledge.  While  the  U.S.  Armed 
Forces  are  among  the  heaviest  of  recruiters,  the 
Transportation  Security  Administration  is  under 


pressure  too.  Currently,  TSA  is  funded  for  729  staff 
information  technology  positions;  just  over  270  of 
them  have  been  filled.  The  2005  budget  calls  for  more 
full-time  IT  professionals.  In  testimony  before 
Congress,  Lt.  Gen.  Frank  Libuttle,  TSA's  interim 
director,  said  his  group  will  hire  40  people  per  month 
to  fill  the  slots.  In  addition,  the  TSA  budget 
documents  indicate  the  agency  is  relying  heavily  on 
universities,  national  laboratories  and  companies  to 
"push  the  scientific  envelope"  to  deliver  information 
sharing,  infrastructure  protection  and  new 
technologies  and  tools. 

Northrop  Grumman,  in  looking  forward,  continues  to 
predict  strong  hiring,  including  the  Northrop 
Grumman  Information  Technology  unit.  The 
corporation  as  an  entity  hired  18,000  employees  in 
2003,  the  majority  in  this  unit.  Most  recently,  the  unit 
received  a  $337  million  task  order  for  the  Department 
of  Homeland  Security's  secure  data  network.  The 
company  is  teaming  with  Information  Builders  to 
identify  and  pursue  three  national  security  activities  - 
bioterrorism/syndromic  analysis,  identification  and 
authentication  solutions,  and  law  enforcement  data 
integration.  The  company's  current  careers  listings 
range  from  human  intelligence  operations  specialist 
to  data  warehousing,  software  development  to 
JAVA  specialists. 


Lockheed  Martin,  which  was  a  lead  in  airport  security 
initiatives  two  years  ago,  continues  to  predict  strong 
hiring  in  the  next  three  years  -  conservatively 
estimated  at  10,000  replacement  and  new  workers 
every  year.  According  to  Tom  Greer  at  Lockheed 
Martin  Corporation,  a  large  number  of  these  jobs  will 
be  in  the  mid-Atlantic  region  and  tied  to  new  and 
existing  security  and  defense  contracts.  Currently,  the 
company  employs  more  than  30,000  IT  professionals 
and  has  13  business  units  rated  at  Levels  4  and  5  for 
software  engineering  maturity.  Greer  said  the  hiring 
will  include  software  developers/engineers,  system 
analysts,  network  engineers,  programmers,  systems 
integration  analysts  and  data  administrators.  About 
one-third  of  the  new  hires  will  require  security 
clearances. 

Other  companies  among  the  biggies  claiming  security 
and  defense  contracts  include  Unisys,  Boeing, 
Raytheon,  SAIC,  Oracle  and  IBM. 


For  more  information  about  IT  Careers 

advertising,  please  contact:  Nancy  Percival 

Vice  President,  Recruitment  Advertising 

800.762.2977 

500  Old  Connecticut  Path 

Framingham,  MA  01701 

Produced  by  Carole  R.  Hedden 


"DIVERSITY  IN  PRODUCTS,  SERVICES  AND  PEOPLE" 

THE  SOCIAL  SECURITY  ADMINISTRATION  IN  WOODLAWN,  MARYLAND 
is  seeking  highly  motivated  IT  Professionals  for  the  following  types  of  positions: 

♦  Mainframe  Developers  (COBOL,  CICS) 

♦  Internet  Developers  (Java,  WebSphere,  CGI) 

♦  Database  Administrators  (DB2,  IDMS,  Oracle) 

♦  Systems  Operation  Analysts  (SUN/UNIX,  JCL,  TSO/ISPF,  z/OS,  Control  M) 

COME  JOIN  OUR  WINNING  TEAM! 

WE  OFFER: 

♦  COMPETITIVE  SALARIES  -  RANGE:  $52,963-$85,867 

♦  A  COMPREHENSIVE  BENEFITS  PACKAGE  INCLUDING: 

•  RETIREMENT  SAVINGS  INVESTMENT  PLAN 

•  HEALTH,  LIFE  AND  LONGTERM  INSURANCE  FOR  SELF  AND  FAMILY 

♦  PAID  VACATION,  SICK  LEAVE  AND  10  PAID  HOLIDAYS 

♦  PAID  OVERTIME  AND  ONGOING  TECHNICAL  TRAINING 

♦  FLEXIBLE  WORK  SCHEDULES. 


ALL  OF  THIS  AND  A  POSITIVE,  CASUAL  WORK  ENVIRONMENT! 

To  apply  go  to  USAJOBS  at:  http ://iobsearch.usaiobs. opm.gov/  and  select 
the  Social  Security  Administration.  Must  be  a  United  States  citizen  to  apply. 

w 

www.socialsecuritv.aov 

EOE/ADA 


RAPIDLY  CHANGING  CONDITIONS 

HAVE  ALWAYS  BEEN  OUR  SPECIALTY. 


The  way  we  see  it,  challenges  are  just  opportunities  in  disguise.  At  Northrop 
Grumman  Mission  Systems  we're  eager  to  push  our  defense  capabilities  years  into 
the  future.  If  you  have  the  experience,  drive,  and  a  security  clearance  we  encourage 
you  to  visit  our  website  to  learn  more  about  the  following  opportunities: 


•  Systems  Engineers 

•  Software  Engineers 

•  Intelligence  Analysts 


•  Military  Trainers 

•  Linguists 


Compensation  and  benefits  are  highly  competitive.  Please  visit  our  website  at: 
www.ms.northropgrumman.com/careers.  U.S.  Citizenship  is  required  for  most 
positions.  An  Equal  Opportunity  Employer  M/F/D/V. 


NORTHROP  GRUMMAN  Defining  the  future" 


Mission  Systems 


www.ms.northropgrumman.com/careers 

©2004  Northrop  Grumman  Corporation 
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Computer  Professionals 

(Multiple  Openings) 

ePace  Technologies,  Inc.  a 
worldwide  provider  of  software 
solutions  seeks  motivated  IT 
professionals  specializing  in 
Software  Engineering,  Systems 
Analysis,  Database  Administra¬ 
tion  and/or  Network  Administrat- 
or.  Successful  candidates  must 
have  a  Bachelors  degree  in 
Computer  Science.  Math,  Engin¬ 
eering.  Business,  or  related  dis¬ 
cipline  (or  equivalent  and  experi¬ 
ence)  in  the  following  skills: 
C/C++,  Java,  Web  Methods, 
Cold  Fusion,  Microsoft  Technol¬ 
ogies  (Visual  Basic,  NET,  ASP) 
CRM  (Siebel,  Clarify,  Vantive), 
Middle  Ware  Technologies 
(Orbix,  Corba,  Tibco,  Vitria)  Data 
Ware  Housing  Tools  (Informati¬ 
cs,  Data  Stage,  Abinitio,  Bus¬ 
iness  Objects,  Cognos,  Micro 
Strategy,  Brio)  ERP  (SAP, 
People  Soft,  Oracle  Apps, 
Baan),  Mainframe  (Cobol,  CICS, 
JCL,  VSAM)  AS400,  Ecom- 
merce,  Databases  (SQL  Server/ 
Oracle/DB2/Sybase),  Microsoft 
Windows(95/98/NT/2000,Excha 
nge),  UNIX  (Sun  Solaris,  HP, 
AIX),  Linux  and  QA  (Win  Run¬ 
ner,  Load  Runner,  Silk,  Quick- 
pro,  Manual  Testing). Must  be 
willing  to  travel  and/or  relocate 
to  unanticipated  locations  in  the 
United  States.  If  interested, 
please  mail  your  resume  to: 

Human  Resource  Director 
ePace  Technologies  Inc. 
3124  Old  Faithful  Road 
Suite  10 

Cheyenne,  WY  82003 


PROG-ANALYST 

Direct  &  implement  bus.  com¬ 
puter  &  Info.  Tech,  solutions. 
Analyze,  define,  dsgn  &  dvlp 
sys.  implmntns  &  upgrades  for 
clients.  Perform  sys.  analysis  & 
mgmt.  Provide  on-going  analyti¬ 
cal  &  prog,  support.  Report  pro¬ 
ject  status/progress  to  mgrs  & 
execs.  Interact  w/clients  to 
understand  bus.  drivers  &  pro¬ 
vide  leadership  on  the  use  of 
technology  to  address  their 
needs.  Assoc,  degree  in  Comp. 
Sci.  +  2  yrs  of  exp.  in  job  offered 
or  as  a  Comp.  Prog,  or  Sys. 
Analyst  reqd.  Must  have  exp. 
dsgng  &  maintaining  comp, 
applns  &  sys.  utilizing  AS/400, 
RPG,  SQL  and  CL.  High  mobility 
preferred.  40  hrs/wk,  OT  as 
reqd,  8am  -  5pm,  $66, 533/year. 
Qualified  applicants  please  sub¬ 
mit  resume  to  Manager,  Butler 
County  CareerLink,  Pullman 
Commerce  Center,  112  Holly¬ 
wood  Drive,  Suite  101,  Butler, 
PA  16001-5699.  Please  refer  to 
Job  Order  No.  WEB  412225. 


Network  Engineer,  Hamden,  CT 
-  sought  by  IT/S/ware  Co.  to 
dsgn,  configure  &  dvlp  networks. 
Integrate  diff.  server  platforms, 
test  &  ensure  operating  efficien¬ 
cy.  Must  have  Bach,  Deg  in 
Comp.  Sci  &  2  yrs  exp  in  job 
offd  or  2  yrs  exp  as  Sr  N/wrk 
Engr  or  Sys  Mgr  or  Admin.  In 
lieu  of  Bach  Deg  &  2yrs  exp  will 
accept  4  yrs  exp  as  Sr  N/wrk 
Engr  and/or  Sys  Mgr  or  Admin. 
Spvse  1.  Must  be  ced'd  in 
Windows  2000  Srver,  Exchange 
2000  Srver  &  Windows  2000 
Professional.  Send  resumes  to: 
VP,  SNP  Technologies,  Inc., 
1890  Dixwell  Ave„  #205, 
Hamden,  CT  06514. 


Dictaphone  Corp.  looking  for 
Principle  Engineer  for  our  Strat¬ 
ford,  CT  office.  Must  have  M.Sc. 
degree  in  Comp.  Sc.  or  related 
field  &  5  yrs.  of  exper.  dvlping. 
telecom.  &  web-based  embed¬ 
ded  prods.,  incl.  at  least  3  yrs.  of 
exper.  dvlping.  call  recording 
systs.  on  QNX  platform,  as  well 
as  exper.  dvlping.  network  par¬ 
sers,  network  device  drivers, 
packet  filtering,  &  packet  sniff¬ 
ing,  &  programming  w /  C/C++. 
Please  send  resume  to  HR 
Dept.,  Dictaphone  Corp.,  3191 
Broadbridge  Avenue,  Stratford, 
CT  06614.  AD  CODE  -  JP. 


Programmers  &  Software  Engin¬ 
eers  (Chicago,  IL  &  Atlanta,  GA): 
Analyze,  design,  develop,  test  & 
implement  specialized  apps.  in 
(a)  WebMethods  Oracle  Apps 
1 1  i,  Siebel,  JD  Edwards,  Clarify 
&  rel.  tools;  (b)  HIPAA,  Telecom, 
Banking  Apps.  in  Mainframe  / 
Oracle,  Java,  SQL  Server  and 
rel.  tech.;  (c)  Ariba  Buyer  / 
ORMS,  SAP,  JD  Edwards,  Main¬ 
frame  /  Mid-Range,  Java  Suite  & 
rel.  tools;  (d)  Java  Suite,  Ration¬ 
al  Rose,  MQ  Series,  WebLogic, 
Jakarta  Digester,  UNIX  Scripts, 
WebSphere,  DB2,  LDAP  Server 
&  rel.  tools,  on  Windows  /  Unix  / 
Sun  Solaris.  Send  resume  to, 
HR,  906  Lacey  Ave.,  Suite  # 
200,  Lisle,  IL  60536.  EOE. 


Business  Systems  Analyst, 
NH  IT  firm.  Req  Bachelor's 
deg.  in  Eng,  Comp  Sci  ,  pre¬ 
pare  project  proposals  that 
incl.  techlogy  evaluation,  cost 
estimations  &  risk  analysis  w/2 
yrs  of  exp.  Skilled  in  Microsoft 
project  and  MS  Excel.  Knowl. 
of  excel  add  on  risk  assess¬ 
ment  appli'ns  like  @Risk  is 
highly  desirable.  Apply  with  12 
copies  of  resume  to  HRD  to 
Worldwide  Information  Tech¬ 
nology  Services,  155  Fleet 
Street  Portsmouth,  New 
Hampshire  -  03801. 


Programmer:  design,  devel¬ 
op,  configure,  code,  and 
implement  computer  pro¬ 
grams;  maintain  and  trou¬ 
bleshoot  Edge  internal/exter¬ 
nal  issues;  update  Edge 
design  and  functionality.  Req. 
MS  in  CS  or  MIS  with  profi¬ 
ciency  in  HTML,  ASP,  VB¬ 
Script,  JavaScript,  IIS,  SQL 
Server.  8-5,  40hr/wk.  Send 
resume  to  Titan  Management 
Group,  LLC  at  1136  Zion 
Church  Road,  Building  B, 
Suite  130,  P.O.  Box  879, 
Braselton,  GA  30517. 


Prog/Analysts  to  analyze,  de¬ 
sign,  implement  appls  using 
C,  C++,  VC++,  Socket  Pro¬ 
gramming,  Shell  Scripting, 
TCP/IP,  Rational  Rose,  Clear 
Case,  etc.  under  Windows, 
Unix  and  VxWorks;  perform 
testing,  debugging,  documen¬ 
tation  of  appls;  maintain  and 
support  existing  appls.  Re¬ 
quire:  B.S.  or  foreign  equiv.  in 
CS/Engg  (any  branch)  &  2 
yrs  exp.  in  IT.  Travel  involved. 
F/T.  Comp,  salary.  Resumes 
to:  HR,  Ciphertrust,  Inc.,  4800 
North  Point  Parkway.  Ste  400, 
Alpharetta  GA  30022. 


Software  Engineers  needed  by 
Alpharetta  based  IT  Co  -  Bach¬ 
elors  degree  with  1-2  years  of 
experience  in  job.  Exp  in  Skill 
sets  incl:  C,  C++,  Java,  EJB, 
JSP,  Servlets,  XML,  UML,  4GL, 
XSTL,  TIBCO,  12,  Unix,  NT,  VB, 
ASP,  C#,  .Net,  AS/400,  COBOL, 
DB2,  CICS,  JCL,  MVS,  VSAM, 
Embeded/Firmware,  Oracle, 
SQL,  Natural,  Clearcase  Admin, 
MQSeries,  WEB  Methods, 
Vitria,  SAP,  Peoplesoft,  Infor¬ 
matics,  COGNOS,  Business 
Objects.  Send  resumes  to 
resumes@anisi.com.  Frequent 
travel  required. 


Computers  -  Programmer  An¬ 
alysts  needed.  Seeking  qual. 
candidates  possessing  MS  or 
equiv.  and/or  relevant  work  exp. 
Part  of  the  req.  relevant  exp. 
must  include  2  years  working 
with  VC++  and  1  year  working 
with  ASP  &  SQL  Server.  Exp. 
can  be  simultaneous.  Duties 
include:  Design,  develop  test 
and  maintain  software  applica¬ 
tions  including  middleware,  da¬ 
tabase  &  Internet  applications; 
Work  with  VC++,  ATL,  COM+, 
ASP,  SQL  Server.  XML/XSLT, 
MSMQ.  Mail  resume  &  ref.  to: 
Object  Solutions,  Inc.,  Attn:  HR, 
3025  Harbor  Lane,  #  312, 
Plymouth,  MN  55447-5119. 


Web-Database  Administrator/ 
Software  Engineer.  Seeking 
qualified  candidates  possess 
B.S  (Electronics  &  Communi¬ 
cation)  or  equivalent  with  related 
work  experience  of  3  to  5  years. 
M-F,  8AM-5PM.  Duties:  internet 
development,  ecommerce  appli¬ 
cations,  with  knowledge  of 
COM,  COM  +,  MTS,  IIS,  HTML, 
DHTML,  Java  Script,  Microsoft 
and  Sun  Technologies  with  data¬ 
bases  Oracle  8.1  &  MS  SQL 
Server  2000  and  MS-Access 
2000.  Please  send  resume  to 
Oxford  Affiliates  Inc.,  Attn:  Mr. 
Yakim  Lalani  4800  Texoma 
Pkwy,  Suite  202,  Sherman  TX, 
75090. 


Edify  Technologies,  Inc.  is  look¬ 
ing  for  Programmer  Analysts. 
Should  have  Bachelor's  degree 
in  Computer  Science,  Engineer¬ 
ing  or  related  field  with  2  years 
experience  in  C++,  Web  Ser¬ 
vices,  WML/  Peri/Shell  Scripts, 
XML,  cXML,  .NET  Remoting, 
RosettaNet,  Ant,  WebLogic, 
Siebel  EAI/EIM/Remote  Admin, 
Siebel  eScript/Email,  Clarify.  We 
accept  foreign  education  degree 
or  the  degree  equivalent  in  edu¬ 
cation  and  experience.  Send 
your  resume  to:  Edify  Technol¬ 
ogies,  Inc.  16614  Kingsbrook 
Dr.,  Crest  Hill,  IL-60435. 
e-mail:  resumes@edifytech.com 


LOOKING  FOR 
A  NEW 


Fast  Enterprises,  LLC  is 
seeking  Project  Managers  to 
direct  activities  surrounding 
implementation  and  installa¬ 
tion  of  COTS  solutions  for 
revenue  agencies  throughout 
the  U.S.  Interested,  degreed, 
experienced  professionals, 
please  respond  to: 

Project  Manager  Recruiting 
L.  Forest 

800  Park  Boulevard 
Suite  720 
Boise,  ID  83712 


IT  CAREER? 


Software  Engineers  needed. 
Seeking  candidates  possess¬ 
ing  BS/MS  or  equiv  and  rel 
work  exp.  Duties  include: 
Design  and  develop  software 
applications  and  work  with 
COBOL,  Java,  Oracle,  MVS, 
DB2  and  SQL.  Exp.  must 
include  2  years  working  with 
COBOL,  MVS  and  Oracle. 
Mail  resume,  refs  and  salary 
reqs  to:  Symbiosis  Inter¬ 
national,  3965  Okemos  Road, 
Suite  B2,  Okemos,  Ml  48864. 


CHECK  US  OUT  AT: 


WWW.ITCAREERS.COM 
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it  careers.com 


IT 


enterprise  integration 
network  vulnerabilities 
corporate  data  security 
government  compliance 
mobile  &  wireless  security 
business  management  needs 


The  right  IT  professional 
can  jump  the  hurdles  of 
today’s  IT  challenges. 


Call: 

(800)  762-2977 


SENIOR  TECHNICAL  TRAIN¬ 
ER:  Will  provide  product  training 
for  Brooks  -  PRI  semiconductor 
handling,  software  and  hard¬ 
ware  systems.  Will  design  and 
develop  course  materials,  certifi¬ 
cation  tests,  and  instruction 
plans  for  classroom  training.  Will 
train  clients,  including  OEM’s 
and  end  users,  as  well  as  com¬ 
pany  employees.  Will  develop 
online  training  courses  and 
audiovisual  training  tools.  Will 
supervise  junior  Technical  Train¬ 
ers.  Will  provide  emergency  field 
and  personnel  service  support 
assisting  Technical  Support 
Engineers  Requirements:  B.S.I 
B.A.  in  CS,  Electronics  or  Elec¬ 
trical  Engineering  or  related  field 
and  two  (2)  years  of  experience 
in  the  job  offered  or  two  (2) 
years  experience  in  the  related 
occupation  of  Technical  Support 
or  Network  Administration.  Also, 
demonstrated  expertise  in  sup¬ 
porting  or  working  with  semicon¬ 
ductor  handling  systems  hard¬ 
ware  as  well  as  control  system 
hardware  and  software.  Demon¬ 
strated  experience  providing 
training  and  technical  or  field 
support  for  internal  and  external 
customers.  Offered  salary  is 
$71, 250/year  for  full-time  em¬ 
ployment  (min.  40  hours  per 
week)  and  standard  company 
benefits.  EEO.  Submit  2  resum¬ 
es  and  respond  to  Case  No. 
200204239,  Division  of  Career 
Services.  Labor  Certification 
Unit,  19  Staniford  Street,  1st 
Floor,  Boston,  MA  02114. 


Programmer  Analyst.  Sought  by 
Englewood  Colorado  consulting 
company  to  work  in  various 
unanticipated  locations  through¬ 
out  the  U  S.  To  work  in  various 
unanticipated  locations  through¬ 
out  the  U.S.  Duties:  Under  direct 
supervision,  convert  project  spe¬ 
cifications  and  statements  of 
problems  and  procedures  into 
detailed  logical  flow  charts  for 
coding  into  computer  language. 
Develop  and  write  computer 
programs  to  store,  locate  and 
retrieve  specific  documents, 
data,  and  information.  Program 
web  sites.  Use  of  AS/400,  Java, 
RPG-IV,  CL-400.  Reqs.  Bachel¬ 
or  or  equivalent  in  Computer 
Science,  Computer  Engineering 
or  related  degree.  Plus  1  year  in 
the  job  offered  or  1  year  in  a 
related  occupation,  including 
Programmer,  Consultant  or 
Systems  Analyst.  $60, 000/year, 
40/hrs/wk,  8AM-5PM.  Respond 
by  resume  to  WORKFORCE 
DEVELOPMENT  PROGRAMS, 
PO  Box  46547,  Denver,  CO 
80202,  and  refer  to  Job  Order 
No.  CO5075223. 


BCC  USA  Inc,  Portland,  Maine 
needs  experienced  Database 
Administrators  having  a  Bach¬ 
elors  degree  or  equivalent 
with  minimum  two  years  of 
progressive  work  experience 
in  Sybase,  Oracle  and  MS- 
SQL-Server  database  installa¬ 
tion,  administration,  design, 
development  and  support. 
Knowledge  of  UNIX  and  Erwin 
is  a  plus.  Competitive  salary 
and  benefits.  M-F,  40  hours/ 
week.  Please  mail  your  res¬ 
ume  to  BCC  USA  Inc.,  HR 
Department,  480  Congress 
Street,  Portland,  ME  04101. 


Loan  Pricing  Corporation  has 
openings  for  Software  Engin¬ 
eers  in  its  NY  headquarters. 
Min  reqs  incl  Bach  in  Comp  Sci. 
Duties:  Research,  analyze, 
dsgn,  dvlp,  test  &  implmt 
s/ware  &  bus  applies  using 
PowerBuilder,  C,  C++,  Net¬ 
scape  LiveWire,  JavaScript, 
Java,  J2EE,  EJB,  iPlanet 
Webserver,  Oracle,  Sybase, 
MS  Visual  Cafe  IDE  &  JBuilder 
IDE  on  Win  &  Solaris.  Must 
have  legal  auth  to  work  in  US. 
Excellent  pay  &  benefits.  Send 
resume  w/proof  of  work  status 
to:  mfs@loanpricing.com. 


IT  PROFESSIONALS 

Manager,  Customer  Relation¬ 
ship  Management  (CRM)  (Glen 
Mills,  Pennsylvania  and  other 
locations  through  the  U.S.).  Re¬ 
view,  validate  analysis  &  devel¬ 
op  recommendations  to  clients 
with  respect  to  the  gathering, 
planning  &  scope  of  various  pro¬ 
jects  using  Siebel  tools.  Evalu¬ 
ate  &  select  approaches  &  strat¬ 
egies  with  respect  to  client  re¬ 
quirements  for  defining  technical 
architecture  and  preparing  user 
acceptance  test  plans  &  design¬ 
ing  &  assessing  technical  solu¬ 
tions.  Assess  implication  of 
changes  in  scope  of  projects. 
Communicate  to  client  regarding 
engagement  status,  progress  & 
impact  to  the  business.  Estab¬ 
lish  deliverable  structure  &  con¬ 
tent  &  review  deliverables  to  en¬ 
sure  client  expectations  are  met. 
Participate  in  the  development  & 
sharing  of  market  valued  intel¬ 
lectual  capital  including  best 
practices.  Identify  potential 
methodology  enhancements  & 
ensure  engagement  teams  are 
proficient  in  the  use  of  various 
Siebel  technologies  and  Data¬ 
warehousing  tools  (Informatica 
Powermart)  as  well  as  ERP 
applications  including  People- 
soft.  Select,  customize  &  lead 
applications  of  Siebel  tools  and 
methodologies  to  meet  propos¬ 
als  &  engagement  needs. 

WAGE:  $101, 000/year.  Hours 
worked:  Monday-Friday  9:00am- 
5:00pm.  MINIMUM  REQUIRE¬ 
MENTS:  Bachelor's  degree  or 
equivalent  in  Computer  Science, 
Engineering  (any  type).  Math, 
Business  Administration  or  Infor¬ 
mation  Systems  +  3  years  exp. 
in  the  job  offered  or  3  years  exp. 
as  a  Senior  Consultant,  Consult¬ 
ant,  or  Manager.  Related  experi¬ 
ence  must  include  identifying 
changes  in  the  scope  of  projects 
involving  design  and  assess¬ 
ment  of  technical  solutions  using 
various  Siebel  and  Dataware¬ 
housing  tools  and  Peoplesoft. 
Employer  will  accept  5  years  of 
professional  experience  in  the  IT 
industry  in  lieu  of  a  Bachelor's 
Degree. 

Please  send  your  resume,  refer¬ 
encing  Job  Order  Number 
WEB411838  to  the:  Philadelphia 
NW  Careerlink,  FLC  Unit,  235 
W.  Chelten  Ave.,  Philadelphia, 
PA  19144.  EOE. 


PROG  ANALYST  - 
APPLNS  BUILD 

Dvlp  customized  applns  for  a 
single  consolidated  build  for  all 
Windows  Service,  ASP  & 
ASP.net  files  for  fin.  institutions. 
Config.  &  create  installation 
docs  to  client  framework  specs. 
Create  directories  &  perform 
white  &  black  box  testing.  BS 
degree  in  Comp.  Sci.,  Engnrg, 
Program.;  Electrical  or  Electron¬ 
ics  Engnrg  (or  equiv.  in  educ.  & 
exp.)  +  3  yrs  exp.  in  job  offered 
or  in  Software  Engnrg  for  Applns 
Build  reqd.  Must  know  KON- 
DOR,  NAnt,  Concurrent  Vers¬ 
ions  Systems,  XML  Database 
Migration  Engine,  ASP.net, 
J2EE  &  financial  industry  exp. 
High  mobility  preferred.  40 
hrs/wk,  OT  as  reqd,  8  am  -  5  pm, 
$66,730/yr.  Qualified  applicants 
please  submit  resumes  to 
Manager,  Butler  County  Career- 
Link,  Pullman  Commerce  Cen¬ 
ter,  112  Hollywood  Drive,  Suite 
101,  Butler,  PA  16001-5699. 
Please  refer  to  Job  Order  No. 
411805. 


Technical  Support  Specialist: 

Test  new  products  with  the  prin¬ 
cipal  and  techniques  of  electrical 
engineering.  Direct  and  coordi¬ 
nate  operation,  maintenance, 
and  repair  of  equipment.  Sup¬ 
port  engineering  personnel  in 
fabrication  of  test  control  appa¬ 
ratus  and  equipment  and  deter¬ 
mine  methods,  procedures,  and 
conditions  for  products  related  to 
laser  printers  and  copiers.  Req. 
BS  or  equivalent  in  Electrical 
Engineering  with  proficiency  in 
plastic  injection  molding  technol¬ 
ogy  and  molding  design.  40 
hr/wk;  9-6.  Send  resume  to 
Partsmart  Corp.  at  2870  N. 
Berkeley  Lake  Rd.,  NW,  Suite  5. 
Duluth,  GA  30096. 


DIRECTOR  OF  IT 

(HOLLYWOOD.  FLORIDA). 

RESPONSIBILITIES: 

■  Installation,  configuration,  and 
support  of  routers,  hubs,  and 
switches; 

Administration/proactive  main¬ 
tenance  on  the  network  and  ser¬ 
vers  of  a  200+  node  LAN/WAN; 

Management  of  external  serv¬ 
ice  providers  and  internal  staff  to 
provide  a  high  level  of  customer 
service  to  achieve  targeted,  pre¬ 
determined  service  levels; 

•  Responsible  for  assessing  re¬ 
quirements  and  providing  intelli¬ 
gence  to  the  IT  organization 
regarding  business  trends  and 
management  needs  and  con¬ 
cerns,  while  at  the  same  time 
educating,  sensitizing,  and  man¬ 
aging  the  expectations  of  the 
business  units  with  the  realities, 
challenges,  and  fundamentals  of 
IT; 

•  Development  and  service  the 
ongoing  partnership  with  internal 
customers/departments  main¬ 
taining  in-depth  knowledge  of 
business  operations; 

•  Development  and  execution  of 
IT  business  strategies,  informa¬ 
tion  requirements,  and  priorities; 

•  Driving  initial  customer  needs 
analyses; 

•  Ensuring  customer  requests 
are  compatible  with  technical 
direction; 

Prioritizing  needs  enterprise- 
wide,  and  participating  with  cus¬ 
tomers  in  the  development  of 
short  and  long  term  system 
plans; 

■  Using  established  practices 
and  procedures,  including  infra¬ 
structure  hardware/software 
standards; 

•  Evaluating  training  needs  and 
providing  career  development 
and  technical  guidelines  for 
staff;  researching  and  analyzing 
new  technologies  with  an  eye  to 
improving  company  processes. 

REQUIREMENTS: 

Bachelor  Degree  or  equivalent 
in  Computer  Science  or  Informa¬ 
tion  Systems.  Must  also  have 
four  years  experience  in  the 
areas  of  network  engineering 
design,  IT  support,  and  supervi¬ 
sion  and  management  of  IT  per¬ 
sonnel. 

SUBMIT  RESUME  TO: 

Joseph  C.  Neff,  General 
Manager  Teleplan,  (successor 
to:  A  Novo  Broadband  Inc.),  96 
Quigley  Boulevard,  New  Castle, 
Delaware  19720. 


Senior  Oracle  Database  Admin¬ 
istrator:  For  staffing  firm,  man¬ 
age  24x7  Oracle  8i/9i  production 
systems  on  Solaris  platform;  de¬ 
velop  &  maintain  disaster  recov¬ 
ery  plans  &  security  policies  & 
procedures;  tune  Oracle  &  ad¬ 
minister  Solaris  platform;  write 
SQL,  PL/SQL,  Ksh  &  Perl  scripts 
to  administer  system  &  database 
activities.  Req's:  Bachelor's  or 
equivalent  in  Comp  Sci,  Engin¬ 
eering  or  related  field.  5  yrs  exp 
in  job  offered.  Proficiency  in 
RMAN,  Netbackup,  StatsPack, 
TraceAnalyzer,  Advanced  Queu¬ 
ing,  Advanced  Replication,  Parti¬ 
tioning,  Unix  (Solaris  &  HP-UX) 
administration  (NIS,  NTP  & 
SSH),  DiskSuite  &  Raid  Manag¬ 
er  w/  A1000  &  D1000  storage 
units.  Gnu  tools  (Samba,  Orca, 
Cricket.  SeToolkit,  Gnats),  Nokia 
OSS  system  administration, 
Citrix  server  farms  on  Win2k 
servers,  Oracle9iAs  administra¬ 
tion  &  data  warehousing.  Must 
be  certified  in  Oracle  DBA  & 
Solaris  administration.  40hrs/wk. 
Send  res.  to  box  E-1,  P.O.  Box 
17182,  Phila.,  PA  19105. 


EVP  Customer  Relationship 
Management.  Oversee  project 
implementation  at  client  sites, 
manage  pre-sales  activities 
with  potential  clients,  &  design 
software  &  data  architecture. 
Involves  development  of  mar¬ 
keting  requirements  &  specifi¬ 
cations  for  clients,  people 
management,  training,  tutoring 
&  mentoring.  Req.  prior  exp.  as 
an  IT  manager  using  Quali- 
Ware  software  &  prior  exp.  w / 
IT  project  &  personnel  mgmt., 
database  architecture  &  data 
warehouse  systems  incl.  Orac¬ 
le.  Fax  or  email  resume/cover 
Itr.  To  Dimension  Initiatives 
Group,  914-934-1004,  resume 
@dig-d.com. 


IT  PROFESSIONALS 
Consultant 

(Glen  Mills.  Pennsylvania  and 
other  locations  through  the 
U.S  ).  Responsible  for  Siebel 
7.0  CRM  (Customer  Relation¬ 
ship  Management)  infrastruc¬ 
ture/architecture  and  implemen¬ 
tation  of  CRM  Data  Warehous¬ 
es.  Involved  in  architecture, 
infrastructure,  data  conversion 
and  interfaces  for  CRM  and 
CRM-related  data  warehousing 
implementations.  Deploy  and 
support  infrastructure  including 
Siebel  Call  Center,  Oracle, 
Actuate,  Brio  and  Informatica. 
Configure  architecture  compo¬ 
nents  including  IIS  (Internet 
Information  Services)  or  Apache 
web  servers.  Resonate  load  bal¬ 
ancers,  Actuate  or  Brio  reporting 
servers,  Siebel  server  compo¬ 
nents.  Oracle  databases,  mid¬ 
dleware  (TIBCO  adapters), 
application  interfaces,  workflow 
and  automation  tools  such  as 
AutoSys  and  data  warehousing 
components.  Engage  in  the 
design  and  development  of  data 
warehouse  reports  (using  Brio/ 
Actuate),  star  schemas,  dimen¬ 
sions,  facts,  slowly  changing  di¬ 
mensions  and  aggregate  dimen¬ 
sions  to  develop  real-time  and 
near  real-time  reporting  capabil¬ 
ities  in  the  areas  of  case  man¬ 
agement,  call  center  operations, 
sales  and  troubleshooting  for 
clients.  Responsible  for  the  de¬ 
velopment  of  ETL  (Informatica) 
mappings  to  extract  data  from 
CRM  and  operational  systems 
to  OLAP  (Online  Analytical  Pro¬ 
cessing)  and  enterprise  data 
warehouses  to  meet  the  analyti¬ 
cal  reporting  needs  of  clients. 
$74,751.70  per  year.  Monday- 
Friday,  9:00  am  to  5:00  pm. 

The  minimum  requirements  are 
as  follows:  Bachelor's  degree  in 
Computer  Science.  Math,  In-for¬ 
mation  Systems,  Engineering 
(any),  or  Business  +  2  years  of 
experience  in  the  job  offered  or 
2  years  of  experience  as  a 
Consultant,  Systems  Analyst  or 
Summer  Intern.  Related  experi¬ 
ence  must  include  Siebel  7.0 
CRM  (Customer  Relationship 
Management),  TIBCO  Middle¬ 
ware  Technologies,  OLAP  (On¬ 
line  Analytical  Processing),  ETL 
(Extract,  Transform,  and  Load) 
tools  including  Informatica,  and 
Brio  Reporting  Tool. 

Please  send  your  resume,  refer¬ 
encing  Job  Order  Number  WEB- 
41 3848  to  the:  PA  Careerlink, 
FLC  Unit,  235  W.  Chelten  Aven¬ 
ue,  Philadelphia,  PA  19144. 
EOE. 


Sr.  Consultant.  We  are  seeking 
qualified  candidate(s)  to  analyze 
&  review  clients’  requirements  to 
plan  data  processing  systems 
and  network  operating  systems. 
Plan  layouts  and  the  installation 
of  new  network  systems  for 
small  businesses.  Design,  de¬ 
velop,  evaluate  and  implement 
techniques  for  software  pro¬ 
grams.  Manage  LAN  &  WAN 
stations  covering  upgrades  and 
all  computer  technical  work 
including  TCP/IP,  e-mail,  data¬ 
base  servers  &  Firewalls.  Reqd: 
Bachelor's  degree  in  Computer 
Science,  Math  or  Engineering, 
MCSE  and  2  years  related  expe¬ 
rience.  Please  send  resume  to 
All  Covered,  Inc.  275  Grove 
Street,  Suite  2-400,  Newton,  MA 
02466  or  fax  to  617-556-0250 
Attn:  Director  CS  or  e-mail  to 
mhartman@allcovered.com.  No 
calls,  please.  EOE 


Application  Architect  for  design 
and  support  of  the  Core  Lan 
Event  Mgmt.  system  utilizing 
sophisticated  analysis,  design 
and  programming  technologies 
including  Domino,  Web  sphere, 
Oracle,  Unix,  C/C++.  Java,  Java 
Script,  Visual  Basic,  DHTML, 
SQL,  XML  and  PC  operating 
systems.  Fulltime  (M-F)  position 
in  Boca  Raton  pays  market  level 
salary.  Applicants  with  a  Bach¬ 
elor’s  degree  in  Computer  Sci¬ 
ence/Computer  Engineering/ 
Informatics  Engineering  +  2 
years  experience  in  applications  | 
development  field,  send  resume 
only  to  CEO,  Core  Lan  Corp, 
10916  Ravel  Ct,  Suite  101 ,  Boca 
Raton.  FL  33498. 
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The  World  Of  Work  Is  Changing 
Every  Week. 


Luckily,  We  Are  Too! 

itcareers.com  is  now  powered 
by  CareerJournal.com! 

Search  for  jobs  and  post  your 
resume  here  on: 
www. itcareers.com 

or  call  (800)  762-2977 


TECHNICAL  LEAD.  Design,  dev¬ 
elop,  implement  software  apps. 
from  requirements.  Prepare/ana¬ 
lyze  detailed  workflow  chart  & 
diagram  to  illustrate  sequence  of 
steps  program  must  follow  to 
describe  input,  output,  and  logi¬ 
cal  operations,  applying  knowl¬ 
edge  of  RUP  software  methodol¬ 
ogy  and  object-oriented  software 
design  processes.  Analyze,  re¬ 
view  and  rewrite  programs  to 
increase  operating  efficiency  or 
adapt  program  to  new  require¬ 
ments  using  Visual  Basic,  Visual 
C++,  and  ASP.  Compile/write 
documentation  of  program  dev. 
and  subsequent  revisions;  re¬ 
view  code  written  by  team  mem¬ 
bers.  Aid  in  creating  prototype/ 
test  apps.  Lead  teams  of  Soft¬ 
ware  Developers.  Required: 
Bachelor’s  degree  or  foreign 
degree  equivalent  in  Comp.  Sci., 
Computer  Sys.  Engg.  or  closely 
related  field,  plus  2  years  exp.  in 
job  offered  or  as  Programmer/ 
Software  Engr.  Exp.  gained 
before,  during  and  after  degree 
will  be  accepted.  Must  include  1 
yr  of  exp.  using  RUP  methodolo¬ 
gy,  Visual  C++,  Visual  Basic, 
ASP.  Must  be  willing  to  travel  on 
long-  &  short-term  assignments 
to  client  sites  within  U.S.  Send 
resume  to:  Recruiter-Human 
Resources,  Paragon  Solutions, 
3625  Brookside  Pkwy,  Suite  300, 
Alpharetta,  GA  30022.  (No 
Phone  Calls) 

Applications  Support  Analyst 
sought  to  provide  end-user  sup¬ 
port,  resolve  problems  and  track 
resolutions  for  Miami.  FL  office 
of  law  firm  that  utilizes  a  variety 
of  applications.  Also  responsible 
for  providing  backup  support  to 
other  Information  Technology 
staff  as  needed,  to  include  meet¬ 
ing  with  vendors  and  training 
users  on  use  of  software.  Re¬ 
quirements  include  a  Bachelor's 
Degree  (or  equivalent)  in  Com¬ 
puter  Science,  Engineering, 
Information  Systems,  or  related 
field  plus  two  years  of  experi¬ 
ence  in  a  Windows  environment 
with  proficiency  in  the  following 
applications:  Windows  XP,  MS 
Office  Suite  and  legal  industry 
applications  such  as  DOCS 
Open,  Carpe  Diem,  Deltaview. 
IPRO,  Concordance  and  E- 
Binder.  Experience  working  in  a 
law  firm  or  corporate  environ¬ 
ment,  in  a  computer  support  ser¬ 
vices  area  on  a  local  area  net¬ 
work  is  preferred.  Competitive 
salary  and  benefits  offered. 
Interested  candidates  should 
send  resume  to:  Administrator 
(Job  Code  1208),  Hunton  & 
Williams  LLP,  1111  Brickell 
Avenue,  Suite  2500,  Miami, 
Florida  33131.  Equal  Opportun¬ 
ity  Employer. 

SYSTEMS  ENGINEER 

Specify,  design,  code  test  and 
maintain  systems  software  used 
by  company  application  in  the 
UNIX  environments  of  Sun  Sol¬ 
aris,  IBM  AIX.  Track  UNIX  tech¬ 
nology  directions  and  ensure 
that  company  products  are  tai¬ 
lored  appropriately  for  the  UNIX 
environment.  C  tree  experience 
and  knowledge  of  UNIX  system 
services:  threads,  daemon  pro¬ 
cesses,  signals  and  client-server 
architectures.  Must  carry  a 
beeper  travel  up  to  50%  of  the 
time.  3  years  of  C  ++  experience 
required.  Bachelor's  degree  or 
equivalent  in  Computer  Science 
or  related  field.  Five  years  of 
experience  in  job  offered  or 
related  occupation.  40  hours  per 
week,  8:00  a.m.  to  5:00  p.m, 
$72, 542. 88/year.  Must  have 
proof  of  legal  authority  to  work  in 
the  United  States.  Send  your 
resume  to  Madhavi  Bhadbhade, 
Nebraska  Department  of  Labor, 
P.O.  Box  94600,  Lincoln,  NE 
68509.  Refer  to  Job  Order 
TREL5-Y8N75-58428.  This 

advertisement  is  paid  for  by  the 
employer. 

Programmer  Analyst,  Delphi, 
multiple  positions,  to  program, 
analyze,  test,  troubleshoot  and 
develop  Delphi  software  as  a 
front  end  for  use  in  real-time 
muti-tiered  Tibco/DCOM  based 
business  system  applications 
installed  in  a  distributed  client 
server  environment  including 
implementation  in  an  intra/inter- 
net  environment.  May  use  tools 
such  as  MIDAS,  SOAP,  COM / 
DCOM,  Object  Pascal,  PVCS, 
Visual  Source  Safe,  Rational 
Clear  Case,  TOAD,  DLL,  Visual 
Basic,  Web  Logic  Server  or 
Quick  Reports  as  required  in 
performance  of  duties.  Requires 
Bachelor's  Degree  n  Computer 
Science,  Computer  Engineering 
or  Computer  Information  Sys¬ 
tems  and  one  year  experience  in 
the  job  offered  position.  Work 
location:  Various  unanticipated 
client  sites.  Send  resumes  only, 
no  calls,  to:  Genome  Inter¬ 
national  Corporation,  583 
D'Onofrio  Drive.  Madison,  Wl 
53719. 

I/O  Software,  Inc.  has  an 
opening  for  a  Business 
Development  Engineer  in 
Riverside,  CA.  Bachelor’s 
degree  in  Engineering  or 
related  w/5  yrs  as  Manager/ 
Engineering  support.  Bio¬ 
metrics  security  technology; 

PC  OEM  and  Smart  Card 

security  technology  for  busi¬ 
ness  development  and  sales 
reqd.  Please  send  resume  to: 
jobs@iosoftware.com 

Software  engineers/system  ana¬ 
lyst  wanted  by  Saras  America  to 
design  and  develop  applications 
using  various  skills.  Min  is 
BS/MS  with  exp  in  IT  field. 
Traveling  is  required  for  some 
positions.  We  offer  competitive 
salary  with  full  benefit.  Please 
send  resumes  to  hr<S)Saras 
America.com.  EOE.  No  calls. 

Emergtech  is  looking  for  IT  pro¬ 
fessionals  to  design  software 
and  computer  systems  to  meet 
project  requirements.  Candi¬ 
dates  must  have  BS/MS  degree 
plus  experience  in  the  computer 
field.  We  are  small  but  stable. 
Travel  maybe  required.  Please 
send  resumes  to  iob®emera 
techinc.com.  EOE. 

IT  Education  &  Training  Directory 


)ontact  the  companies  listed  below 
)  help  you  with  your  training  needs! 


To  place  your  ad  please  call  800-762-2977 


IPexpert,  Inc. 

(866)  225-8064 
www.ipexpert.com 
CCIE  (R&S,  SEC,  and  C&S), 
CCNP,  CCNA,  IP  Telephony 


CBT  Nuggets 

(888)  507-6283  &  (541)  284-5522 
www.cbtnuggets.com 
Affordable  training  videos  on  CD 
MCSE,  MCDBA,  MCSD,  CCNA, 
Citrix,  Linux,  A+,  Net  + 
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first  AS!C  and  hardware  combina¬ 
tion  for  XML  processing  at  gigabit 
speed  in  data  centers.  The  com¬ 
pany  says  it  eventually  will  re¬ 
lease  its  ASIC  on  a  PCI  card. 

Experts  say  corporate  net¬ 
works  will  need  to  incorporate 
“XML  awareness"  into  every¬ 
thing  from  routers  and  switches 
to  servers  and  blades  to  storage 
devices  and  access  control 
points,  because  XML  messages 
demand  huge  chunks  of  pro¬ 
cessing  power. 

They  need  that  power  to  parse 
and  decipher  extensions  for  fea¬ 
tures  such  as  routing,  security, 
encryption,  management  and 
process  workflow.  Silicon  appears 
to  be  the  logical  way  to  make  that 
happen,  according  to  the  experts. 

“A  gigabit  is  just  the  table  stakes 
for  embedding  something  in  net¬ 
work  infrastructure,”  says  Eugene 
Kuznetsov,  founder  and  CTO  of 
DataPower.  “Users  want  XML  to 
run  at  wire  speed.” 

Silicon  is  the  solution 

Today,  vendors  such  as  Data¬ 
Power,  Forum  Systems,  Layer  7 
Technologies,  Reactivity  Sarvega, 
Vordel  and  Westbridge  provide 
dedicated  hardware,  appliances 
or  software  to  speed  the  trans¬ 
formation,  schema  validation, 
routing  and  security  of  XML 
messages. 

Tarari  and  Conformative  tackle 
the  problem  with  silicon,  and 
more-traditional  network  ven¬ 
dors,  such  as  Computer  Associ¬ 
ates  and  Foundry  Networks,  also 
are  adding  capabilities  to  take 
on  XML  chores. 

Research  by  IBM  Labs  shows 
that  even  small  XML-based  docu¬ 
ments  can  increase  the  CPU  cost 
of  a  relational  database  transac- 
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■  THIS  WEEK’S  QUESTION: 

Which  company  ranked 
as  the  fastest-growing 
business  on  this  year’s 
Network  World  200  list? 


Stumped?  Get  the  answer  online. 
Visit  Network  World  fusion  and  enter 
2349  in  the  Search  box. 


■  HOW  IT  WORKS 
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XML  document 


Accelerator  parses  an 
incoming  message  and 
reads  data  in  headers  and 
payload  of  message  to 
determine  what  it  is.  It 
validates  the  XML  schema 
and  ensures  there  is  no 
malicious  code  and  then 
filters  the  message  based 
on  a  set  of  security  rules. 


Processing  XML 

An  XML  accelerator  processes  an  XML 
message,  which  contains  validation, 
transformation  and  routing.  Here  is  a 
look  at  the  processing  needed  to 
determine  the  security  that  is 
contained  within  a  message. 


XML  accelerator 


of  the  message  are 
decrypted  (XML  allows 
encryption  to  be 
applied  to  select 
strings  of  data).  Digital 
signatures  are  verified 
to  ensure  payload  has 
not  been  modified  in 
transit. 


Application  X  /I 
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The  message  is  parsed 
again  to  include  the  de¬ 
crypted  data  and  a  digital 
signature  is  applied  to 
prevent  tampering.  An 
XML  address  translation 
is  performed  to  hide 
back-end  servers.  The 
message  is  encrypted  and 
sent  on  its  way. 


SOURCE;  NETWORK  WORLD.  DATAPOWER 


tion  by  up  to  10  times  in  the 
absence  of  a  dedicated  XML  pro¬ 
cessing  engine.  The  research  con¬ 
cluded  that  XML  parsing  could 
have  a  “potentially  fatal  impact” 
on  high-performance,  transac¬ 
tion-oriented  database  applica¬ 
tions  that  use  XML. 

Research  firm  ZapThink  says 
XML  is  expected  to  account  for 
more  than  25%  of  network  traf¬ 
fic  by  2006,  up  from  just  less 
than  2%  today. 

“The  flood  of  XML-based  net¬ 
work  traffic  is  something  to  look 
at  in  2004,  something  to  worry 
about  in  2005  and  something  to 
lose  your  job  over  in  2006,”  says 
Frank  Dzubeck,  president  and 
CEO  of  Communications  Net¬ 
work  Architects,  an  industry 
analysis  firm. 

“Everything  is  moving  toward 
XML,  it’s  business  traffic,  it’s  some¬ 
thing  that  is  no  longer  the  excep¬ 
tion,  it  is  the  rule,”  he  says. 

Today,  dedicated  appliances 
aggregate  and  process  XML  traf¬ 
fic,  but  in  the  near  future  special¬ 
ized  silicon  will  spread  XML 
duties  throughout  the  network, 
experts  say 

The  evolution  is  a  natural  one 
in  that  it  follows  a  well-worn  path 
that  has  seen  CPU-intensive  tasks 
move  from  the  application  layer 
to  the  networking  layer.  Ex¬ 
amples  include  routing,  load  bal¬ 
ancing  and  encryption/decryp¬ 
tion  for  Secure  Sockets  Layer. 

“We  use  Web  services  all  over 
the  place  and  XML  is  quickly  be¬ 
coming  the  lingua  franca  of  mes¬ 
saging,”  says  Taruvaj  Subra- 
maniam,  chief  architect  for 
RouteOne.a  joint  venture  formed 
by  DaimlerChrysler  Services, 


Ford  Motor  Credit  Company, 
GMAC  and  Toyota  Financial 
Services  to  provide  a  Web-based 
credit  application-management 
system  for  automobile  dealers 
and  the  auto  finance  industry. 
Today,  Subramaniam  uses  Data- 
Power’s  XS40  XML  Security  Gate¬ 
way  appliance  to  process  digital 
signatures  attached  to  XML  mes¬ 
sages,  but  he  suspects  in  the 
future  that  his  entire  network  in¬ 
frastructure  will  have  to  under¬ 
stand  XML. 

“1  used  to  parse  HTTP-Post  mes¬ 
sages  but  1  don’t  do  that  today, the 
infrastructure  does  that  for  you.  I 
suspect  that  will  happen  in  the 
XML  world  also,”  Subramaniam 
says.  “I  really  only  need  to  deal 
with  the  business  part  of  the  XML 
message  payload,  and  all  the 
other  stuff  should  go  into  the 
infrastructure.” 


Where  will  it  go? 

The  big  question  is  where  in 
the  infrastructure  that  will  be, 
according  to  Tom  Rhinelander, 
an  analyst  with  New  Rowley 
Group. 

“No  one  really  understands 
where  this  is  going,  but  these  ven¬ 
dors  are  making  it  so  any  system 
can  process  XML,”  he  says. 

That’s  the  idea  behind  Data- 
Power’s  DXE  chip,  which  per¬ 
forms  XML  schema  validation, 
XPath  queries  and  security  oper¬ 
ations.  DXE  will  be  available  next 
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week  to  OEMs  on  PCI  and  PMC 
cards,  and  on  PCI-X  this  summer, 
the  company  says.  The  goal  is  to 
push  DXE  and  its  related  firm¬ 
ware  and  drivers  into  switches, 
security  appliances,  blade 
servers,  load  balancers,  and  stor¬ 
age  and  virtualization  devices. 

“We  are  talking  about  broader 
XML  processing,”  DataPower’s 
Kuznetsov  says.  “We  see  our¬ 
selves  as  the  XML-aware  net¬ 
working  sub-system  vendor.” 

Tarari  has  similar  thoughts  with 
its  RAX  Content  Processor,  a  sili¬ 
con-based  processing  engine  on 
a  PCI  card  that  plugs  into  servers, 
appliances  or  network  devices. 
RAX  defines  a  process  for  quickly 
dissecting  XML  messages  that 
Tarari  will  submit  to  the  World 
Wide  Web  Consortium  for  review 
as  a  standard  and  alternative  to 
the  existing  XML  parsing  stan¬ 
dards  Document  Object  Model 
and  Simple  API  for  XML. 

“We’re  not  a  proxy  model  like 
the  appliance  vendors;  we  are  a 
component  model  that  can  be 
used  in  the  big-guy  switches,” 
says  John  Bromhead.Tarari’s  vice 
president  of  marketing. 

Major  vendors  Cisco,  F5  Net¬ 
works  and  Nortel,  say  they  are 
watching.  Foundry  last  month 
announced  two  high-powered 
Serverlron  switches  that  include 
XML  tag  switching,  a  first  cut  at 
XML  traffic  control. 

“We  are  not  working  on  any 
particular  XML  acceleration 
today,  but  we  could  absolutely 
do  that,”  says  Chandra  Koppa- 
rapu,  vice  president  of  multi¬ 
layer  switches  at  Foundry 

Conformative’s  CSXi  server 
appliance, slated  to  ship  later  this 
year,  features  a  proprietary  ASIC 
that  processes  XML  at  a  through¬ 
put  beyond  1G  bit/sec.  CSXi  is 


aimed  at  data  centers,  and  Con- 
formative  plans  to  put  its  ASIC  on 
a  PCI  card. 

“XML  is  going  to  move  up  the 
priority  list  of  what  has  to  be  pro¬ 
cessed;  and  the  ability  of  sub-sys¬ 
tems,  such  as  storage,  network¬ 
ing, application  servers  and  secu¬ 
rity,  to  process  XML  efficiently 
will  become  critical,”  says  John 
Derrick,  CEO  of  Conformative. 

Competitors  also  are  thinking 
how  they  will  adapt. 

“We’d  be  well  served  to  have  the 
ability  to  OEM  our  technology 
says  Girish  Juneja,  co-founder  of 
Sarvega,  which  builds  its  XML 
appliances  using  its  proprietary 
Xesos  operating  system. 

Experts  say  convergence  be¬ 
tween  infrastructure  gear  and 
XML  is  inevitable. 

“You  just  can’t  take  XML  and 
drop  it  into  the  network  as  a 
separate  layer,  the  XML  network 
becomes  embedded  in  the 
existing  infrastructure,”  says 
Randy  Heffner,  an  analyst  at 
Forrester  Research. 

“For  example,  management 
needs  separate  XML  capabilities 
but  that  could  be  integrated  with 
HP  OpenView,  Computer  Asso¬ 
ciates, Tivoli,”  he  adds. 

CA  has  integrated  DataBowers 
security  gateway  into  its  Uni¬ 
center  Web  Services  Distributed 
Management  platform  and  its 
eTrust  family  of  products.  The 
company  is  working  on  integra¬ 
tion  with  Forum  and  Reactivity. 

“We  don’t  think  Web  services 
and  XML  processing  will  be  han¬ 
dled  by  a  single  box;  there  will 
be  many  processing  points,”  says 
Dmitri  Tcherevik,  vice  president 
of  Web  services  for  CA.  ■ 
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N+l 

continued  from  page  1 

this  year,  industry  watchers  say 
vendors  are  using  N+I  as  a 
launching  pad  for  products,  with 
the  hope  that  it  will  get  their 
names  on  buyers’ wish  lists. 

“A  lot  of  [buyers]  couldn’t  do 
upgrades  over  the  past  few  years, 
and  they  realize  if  they  don’t 
start  making  investments  in  cer¬ 
tain  strategic  areas  they  are 
going  to  fall  behind,”  says 
Stephen  Elliot,  a  senior  analyst 
at  IDC. 

BMC  Software,  Enterasys  Net¬ 
works,  Extreme  Networks,  Foun¬ 
dry  Networks  and  Packeteer  are 
among  the  companies  that  will 
use  the  show  to  roll  out 
new  wares. 

Switching  news 

•  Enterasys  will  unveil  software 
for  its  Matrix  N  Series  switches 
that  lets  corporations  enforce 
switch-based  authentication  and 
network  security  policies  with¬ 
out  replacing  wiring  closet 
switches  or  WLAN  access  points. 
Matrix  N  Series  switches  with  the 
new  software  will  let  customers 
enforce  polices  at  the  network 
aggregation  layer,  meaning  they 
can  use  third-party  products  at 
the  edge  that  do  not  support 
switch-based  security. 

Enterasys  also  will  announce  a 
Dragon  Intrusion  Detection  Sys¬ 
tem  (IDS)  software  module  for 
its  NetSite  Atlas  switch  manage¬ 
ment  platform.  The  N  Series 
upgrades  are  free  for  customers 
with  support  contracts,  and  will 
be  standard  on  all  new  N  Series 
products.The  Dragon  IDS  NetSite 


ExtremeWare  XOS  runs  on 
Extreme's  BlackDiamond  10K,  and 
allows  users  to  carve  up  the  box 
into  eight  virtual  switches. 


module  starts  at  $  1 6,000  for  sup¬ 
porting  about  250  users. 

•  Extreme  is  launching  a 
revised  version  of  its  Ex¬ 
tremeWare  XOS  modular  switch 
software,  which  is  based  on 
Linux.Announced  in  December 
2003,  along  with  its  BlackDia¬ 
mond  10K  switch,  the  software 
lets  users  stop  and  start  network 
protocols  and  services  without 
taking  the  device  offline. 

A  new  feature  in  ExtremeWare 
XOS  will  let  users  cluster  ports 
across  the  10K  —  even  across 
different  modules  —  to  create 
virtual  switches.  The  virtual 
switches  can  be  managed  as 
individual  devices  and  used  for 
different  functions,  such  as  load 
balancing,  routing  or  security 

•  Foundry  will  launch  prod¬ 
ucts  that  add  IPv6  sup¬ 
port  to  its  BigIron“Mucho 
Grande”  switch  line, 
which  includes  the 
Biglron  MG8  backbone 
switch  for  corporations. 

The  modules  include 
two-  and  four-port  10G 
Ethernet  blades  ($35,000  and 
$50,000,  respectively),  and  40- 
port  Gigabit  blades  ($45,000 
with  10/1 00/ 1 000M  bit/sec  ports 
or  $50,000  with  fiber  ports). 
Foundry  also  is  announcing  a  60- 
port  10/100/100  blade  with  IPv6 
support  for  $45,000. 

•  Crescendo  will  introduce  its 
Maestro  data  center  appliance,  a 
device  that  offloads  network 
functions  from  servers  to  speed 
application  processing.  The  box, 
an  eight-port  Gigabit  Ethernet 
switch  that  connects  directly  to 
servers  or  can  sit  next  to  a  server 
load  balancer,  performs  Secure 
Sockets  Layer/TCP  offload,  com¬ 
pression  and  Remote  Direct 
Memory  Access  switching.  It 
costs  $30,000. 

Security 

•  SecureWave,  a  4-year-old 
Luxembourg  security  company 
launching  in  the  U.S.,  will 
announce  the  first  three  prod¬ 
ucts  of  its  Windows  desk¬ 
top/server  security  suite  called 
Sanctuary. 

Sanctuary  Application  Control 
software  for  Windows  98,  2000, 
XP  and  NT  creates  whitelists  of 
approved  executables  so  any 
unauthorized  applications  are 
cut  off  as  they  attempt  to  launch. 
The  software  comes  in  two  ver¬ 
sions:  Custom  Edition,  which 
allows  grouping  users  and 
assigning  them  different  sets  of 
approved  applications;  and 
Desktop,  which  supports  only 
one  blanket  policy. 

The  second  product,  Sanctuary 


Service  synopsis 


BMC  Software  added  network  monitoring  capabilities  to  its 
Patrol  DashBoard  software,  which  the  company  says  gives 
IT  managers  an  integrated  view  of  service  performance. 
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Displays  performance  data 
from  network  devices  such 
as  routers  and  switches. 


ln« 


The  software 
network  device  perform¬ 
ance  affects  application 
performance. 
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Device  Control,  limits  the  de¬ 
vices  to  which  files  can  be 
exported,  preventing  sensitive 
data  from  being  copied  to  USB 
fobs  or  external  drives,  or  even 
printed.  And  the  third  product, 
Sanctuary  Policy  Manager  is 
used  to  set  security  policies  and 
push  them  to  servers  and 
desktops. 


Crescendo's  Maestro  appliance  has 
eight  Gigabit  Ethernet  ports,  and 
can  offload  TCP  and  SSL  process¬ 
ing  from  servers. 

Sanctuary  supports  Windows 
operating  systems  only  Pricing 
starts  at  $1 1,000  for  250  licenses. 

•  RedSiren,  a  managed  service 
provider,  is  using  the  show  to 
announce  two  new  services: 
Trusted  Adviser  Program  (TAP) 
and  Continuous  Vulnerability 
Management.  TAP  is  an  annual 
service  that  starts  out  with  an  ini¬ 
tial  security  benchmark  and 
includes  monthly  advisory  meet¬ 
ings  to  review  network  security 
and  quarterly  planning  meet¬ 
ings.  TAP  costs  $40,000  per  year. 
Continuous  Vulnerability  Man¬ 
agement  is  a  continuous  moni¬ 
toring  program  that  includes  rec¬ 
ommendations  about  how  to 
address  problems. This  service  is 
billed  depending  on  the  number 
of  network  assets  and  pricing 
starts  at  $1,100  per  month. 

•  Columbitech  is  adding  end¬ 
point  security  to  its  Columbitech 


Network  managers  can 
pre-define  services,  and 
Patrol  DashBoard  will 
alert  them  when  thresh¬ 
olds  are  exceeded. 


Enterprise  Server  software,  mak¬ 
ing  it  possible  to  force  wireless 
devices  to  meet  security  policies 
before  they  are  allowed  access 
to  secure  networks.  Columbitech 
also  is  adding  the  ability  to  draw 
on  other  vendors’  directories  to 
authorize  users  for  specific 
resources  on  the  network.  Pric¬ 
ing  starts  at  $5,000  per  server. 

Management 

•  Packeteer  is  introducing  an 
upgrade  for  its  Xpress  software 
for  the  company’s  PacketShaper 
WAN  traffic  management  appli¬ 
ance  that  improves  data  com¬ 
pression  and  adds  a  new  report¬ 
ing  tool. 

The  company  says  the  new 
algorithm  boosts  average  com¬ 
pression  to  about  60%,  with 
some  traffic  compressing  90%. 
The  algorithm  predicts  what 
traffic  will  follow  by  looking  at 
what  traffic  has  gone  before 
and  abbreviates  the  predicted 
string. 

The  previous  algorithm  would 
abbreviate  strings  only  after 
comparing  them  to  its  stored 
library  of  repetitive  traffic,  and 
compressed  data  by  50%  on 
average.  The  new  algorithm  can 
be  used  with  existing  gear  run¬ 
ning  PacketShaper  Express  and 
is  free  for  customers  with  ser¬ 
vice  contracts. 

The  reporting  too, which  will  be 
available  this  month,  will  let 
users  track  the  top  WAN  traffic 
types  by  volume  and  how  much 
each  type  is  being  compressed. 
PacketShaper  Xpress  is  an  add¬ 


on  to  PacketShaper  appliances 
and  starts  at  $1,000. 

•  BMC,  whose  core  strength  is 
systems  and  applications  man¬ 
agement,  will  use  the  show  to 
announce  it  is  partnering  with 
Packeteer  to  add  network  and 
traffic  monitoring  features 
to  BMC’s  Patrol  DashBoard 
software. 

DashBoard  6.7,  software  that 
installs  on  a  server  and  typically 
uses  SNMP  to  poll  network 
devices,  will  support  Packeteer 
products  such  as  PacketShaper, 
out  of  the  box.  That  will  let 
DashBoard  integrate  traffic  flow 
data  with  systems  and  applica¬ 
tion  events  collected  by  prod¬ 
ucts  such  as  BMC  Event  Man¬ 
ager  and  BMC  Service  Impact. 
BMC  also  added  support 
for  Nortel’s  Alteon  load  bal¬ 
ancers;  Nokia  and  Cisco 
firewalls;  Cisco  IPSec  VPNs 
and  Cisco  Netflow  proto¬ 
cols.  Pricing  for  Patrol 
DashBoard  6.7  starts  at 
$3,500. 

•  Ipswitch  will  unveil  its 
plans  to  make  its  midsize  man¬ 
agement  software,  WhatsUp 
Gold,  available  in  three  ver¬ 
sions:  WhatsUp  Small  Business 
2004,  WhatsUp  Professional 
2004  and  WhatsUp  Enterprise. 
WhatsUp  Small  Business  costs 
$300  and  will  monitor  up  to  10 
devices.  WhatsUp  Professional 
2004,  which  will  cost  $1,200 
when  it  is  available  later  this 
year,  includes  a  central  device 
list  stored  on  an  SQL  back  end 
that  will  let  users  view  different 
status  reports  and  perform  mul¬ 
tiple  queries. 

WhatsUp  Enterprise,  which  will 
cost  $3,000  to  $4,000,  will  sup¬ 
port  asset  management  and  hier¬ 
archical  monitoring,  and  will  let 
customers  track  performance 
across  larger  networks. 

•  Ipsum  Networks  will  add 
multi-protocol,  and  multi-user 
support  to  its  latest  Route  Dy¬ 
namics  2.3  release.  Route  Dy¬ 
namics,  software  embedded  in  a 
network  appliance  that  monitors 
enterprise  routing  and  gathers 
data  at  the  IP  layer,  monitors  and 
records  what  and  how  routers 
communicate  and  sets  off 
alarms  when  performance  drops 
below  specified  levels. 

The  new  release  provides  visi¬ 
bility  into  network-wide,  multi¬ 
protocol  IP  routing  activity,  en¬ 
abling  users  to  predict,  monitor 
and  analyze  routing  problems. 
Pricing  starts  at  $20,000. 
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BackSpin  Mark  Gibbs 


Getting  rid  of  scumware.  Mostly. 


few  weeks  ago  I  was  discussing 
anomalous  error  messages  and 
reader  Aaron  Wayman  sent  in 
the  following  Windows  error  text: 

“While  validating  that  COM2  was 
really  a  serial  port,  the  contents  of 
the  divisor  latch  register  was  identi¬ 
cal  to  the  interrupt  enable  and  the 
receive  registers. The  device  is  assumed  not  to  be  a 
serial  port  and  will  be  deleted.” 

Reader  Mark  Rice  contributed  a  Veritas  Net- 
Backup  error  message: 

“ERROR:  invalid  error  number.” 

Reader  John  Day  came  up  with  my  favorite  of  all, 
which  requires  a  little  explanation: 

“ARPANet  [Terminal  Interface  Processors]  were  a 
bit  like  what  an  X.25  PAD  became. . . .  BBN  got  the 
bright  idea  to  give  it  better  capability  and  support  a 
much  richer  user  interface.  Good  idea.  But  its  stan¬ 
dard  error  message  was: “won’t.”  Not  can’t.  Just  won’t. 

Anyway,  where  were  we?  Oh  yes,  for  the  past  two 
weeks  I’ve  written  about  spyware,  and  last  week 
gave  you  a  simple  model  for  figuring  out  what  spy- 
ware  might  cost  you.  And  it  seems  from  your  letters 
that  the  spyware  problem  is  even  bigger  than  many 
of  us  believed! 

Reader  Michael  Dunn  reported  that  there  are 
many  “legitimate  sites  that  aid  scumware  vendors 


in  their  endeavors  by  bundling  spyware  on  down¬ 
loads,  or  hosting  ActiveX  or  Java  code  that  exploits 
visitor’s  browsers.  More  importantly,  many  of  these 
scumware  providers  are  violating  federal  laws  and 
exploiting  children  with  their ‘products’.” 

Dunn  has  seen  something  that  should  be  a  seri¬ 
ous  concern  to  any  organization: “The  biggest  prob¬ 
lem  we  have  encountered  are  the  ‘adware’  products 
that  serve  up  pop-up  windows.  We  have  seen 
repeated  instances  of  this  kind  of  scumware  serv¬ 
ing  up  pornography,  which  is  particularly  disturbing 
when  it  shows  up  on  computers  serving  young  chil¬ 
dren. This  is  a  blatant  violation  of  federal  and  local 
pornography  statues,  but  little  is  being  done.” 

He  concludes  that,  despite  maintaining  a  router 
blocklist  and  spending  lots  of  time  and  effort  to  pre¬ 
vent  and  block  scumware, “like  spam,  it’s  a  losing 
fight.” 

I  think  we’re  all  feeling  Dunn’s  pain.  First  we  had 
viruses,  then  spam,  now  it’s  adware  and  spyware. 
Each  new  wave  of  problems  has  cost  us  time, 
money,  handfuls  of  hair  and,  for  those  of  us  so 
inclined,  really  bad  hangovers. 

What  this  tells  me  is  four  things.  First,  IT  is  indis¬ 
pensable  in  this  whole  mess.  After  spyware  and 
adware  will  come  something  else  and  after  that 
something  else  again.  Only  the  expertise  of  profes¬ 
sional  IT  people  can  hold  back  the  chaos. 


Second,  as  I  have  written  before,  legislation  cannot 
significantly  address  the  scumware  problem.  Even 
so,  huge  amounts  of  time  and  money  will  inevitably 
be  wasted  trying  to  legislate  against  it.  Just  ignore  the 
politicians  behind  the  curtain. 

Third,  while  user  education  is  helpful.it  can  only 
help  to  a  limited  degree.  Users  hardly  understand 
how  their  computers  do  the  most  basic  tasks  so 
any  illusions  you  might  have  about  them  figuring 
out  that  they  should  not  load  this  free  toolbar  or 
that  cute  screen  saver  are  totally  wasted. 

Fourth  and  finally  technology  caused  the  prob¬ 
lem,  technology  will  solve  it. Whether  it  will  be 
through  anti-scumware  utilities,  better  client-side 
management  or  some  other  method,  technology 
will  reduce  the  problem  to  a  manageable  level.  1 
say  manageable  because  the  problem  can’t  be 
solved  any  more  definitively  than  can  the  problems 
of  viruses  or  spam. 

The  most  important  thing  you  can  do  about 
scumware  is  learn  how  your  organization  is  being 
affected  and  keep  up  with  the  best  practices  for 
solving  the  problem  as  it  evolves.  Good  luck,  and 
rest  assured  you  are  going  to  have  a  job  for  a  long 
time  to  come. 

Hold  the  scumware  but  forward  your  thoughts  to 
backspin  @gibbs.  com. 


By  Adam  Gaffin 

Best  use  of  Linux,  bar  none 

Bar  Monkey  is  a  home  bar  setup  that 
mixes  and  pours  drinks  for  you.  Check 


out  the  component  list: 

Kit  108  relay  actuator;  Maytag  Icemaker  valve  model  #  12001415;  FloJet  N5000- 
140  pump;  Standard  CO2  tank;  Standard  CO2  Regulator;  Mandrake  Linux  Version 
9.1;  Korn  Shell. 

One  of  the  builders  posts  pictures: 

“This  is  a  picture  of  the  laptop. ...  I  am  in  the  process  of  creating  a  large  data¬ 
base  of  drinks  for  use  with  the  bar  monkey.  In  the  end,  you  will  be  able  to  select 
items  that  you  have  in  your  inventory,  and  it  will  automatically  show  you  only 
drinks  that  you  have  ingredients  for.” 

See  more  at  www.nwfusion.com,  DocFinder:  1842. 


A  couple  of  interesting  security  links 

WormRadar  (DocFinder:  1843)  is  an  effort  to  build  a  distributed  worm  honeypot. 
Download  the  software,  and  your  PC  helps  collect  data  on  worms,  which  are  then 
compiled  into  a  chart  that’s  updated  every  30  minutes. 

DNS  Cache  Snooping  (DocFinder:  1844)  is  a  paper  that  examines  ways  to  read 
the  caches  of  frequently  requested  addresses  from  certain  DNS  servers.  Why 
would  anybody  care? To  start,  there's  "typosquatting"  —  if  you  could  see  how 
people  commonly  misspell  certain  URLs,  you  could  try  to  register  the  misspelled 
names  and  pick  up  some  income  through  pop-up  ads.  Or  read  all  the  mail  with 
misspelled  domains  (voila  —  instant  spam  database!). The  author  discusses  other 
possible  uses  of  such  snooping  and  proposes  a  fix  for  BIND  DNS. 
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other  natural  phenomenon  to  describe  —  and  improve  —  networking?  Werner 
Vogels  offers  links  to  papers  on  epidemic  techniques  for  distributing  data  across 
large  networks  of  servers.  Rather  than  using  bandwidth-intensive  synchronized 
replication,  epidemic  systems  try  to  mimic  disease  epidemics  for  distributing 
data.This  happens  via  algorithms  that  use  randomization  techiques  to  ensure 
that,  eventually,  every  server  is  “infected”  with  new  data.  One  technique  is  a  bit 
anthrocentric  —  it’s  called  “rumor  mongering"  (although  because  these  are  com¬ 
puters  we’re  talking  about,  one  presumes  the  message  doesn’t  degrade  or  change 
from  one  recipient  to  the  next).  Read  more  at  DocFinder:  1845. 

Questions  that  defy  answers 

But  Mike  McBride  asks  them  anyway  (at  DocFinder:  1846): 

“[W]hich  is  more  annoying,  sending  an  e-mail  to  all  of  staff  asking  them  not  to 
do  something,  and  less  than  three  weeks  later  finding  someone  doing  that  exact 
thing,  or  having  a  request  for  something  given  to  you,  with  important  information 
missing,  asking  for  that  information,  and  not  getting  any  response?" 

Social  networks:  The  next  big  thing? 

It's  a  long  essay,  but  “Smarter,  Simpler  Social”  provides  a  good  overview  of 
efforts  toward  a  sort  of  unified  theory  of  applications  —  in  which  applications 
adapt  to  the  people  who  use  them,  rather  than  the  other  way  around: 

“You  won't  see  SAP  release  a  ‘Social  Software  Module’  or  PeopleSoft 
announce  an  ‘Enterprise  Social  Software  Management'  product.  If  that  was  the 
case,  we  would  all  be  talking  about  it,  but  there  is  too  much  legacy.  Perhaps  this  is 
the  opportunity  for  major  categories  of  enterprise  software  to  be  fundamentally 
revisited  by  new  companies,  but  that  depends  upon  the  value  proposition." 

Read  the  whole  thing  at  DocFinder:  1847. 


Epidemic  networking  With  'Net  Buzz  away,  Network  World  Fusion  Executive  Editor  Adam  Gaffin  tries  to  fill 

We’ve  already  adopted  the  “virus”  paradigm  from  the  biologists,  so  why  not  use  in.  Read  him  daily  online  at  www.nwfusion.com/cornpendiurn/. 
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The  Network  is  the  Computer 


MAKE  SOLARIS 
FASTER 
MAKE  LINUX 
FASTER 

MAKE  YOUR  BUSINESS 
FASTER 


Introducing  Sun  Fire  Servers  Powered  by  AMD  Opteronj 

The  Solaris  Operating  System  and  Linux  are  up  to  45%  faster  than  comparable  32-bit  systems1  whjgMl 
servers  featuring  screaming  AMD  Opteron  processors.  ' ' 

Add  the  Sun  Java  Enterprise  System  -  Sun’s  entire  infrastructure  portfolio  of  software  -  and  Su^^H 
experience  the  full  Sun  systems  advantage.  Engineered  to  deliver  extreme  performance  at  compf|m  1 

Purchase  a  subscription  to  the  Java  Enterprise  Developer  Promotion  by  June  30,  2004  and  get  a  free  Sun  Fire  V20z  AMD  Opteron 
based  server.2  Sign  up  today  at  sun.com/jes. 
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Solaris 


OPT  FOR  SUN  AND  AMD  OPTERON  AT 

SUN.COM/V20Z 

OR  CALL  800.SU N.0404* 


1.  BASED  ON  TESTS  WITH  AMD  OPTERON  VS  3.2  GHZ  XEON  RUNNING  UNUX.  AMD  OPTERON  RAN  45%  FASTER  ON  SPECWEB  99SSL  -  BASED  ON  PUBUSHED  DATA  FROM  WWWtSPEC.ORG  1/22/04.  FOR  SOLARIS.  OS  MICROBENCHMARKST 
AVERAGE  42%  FASTER  ON  AN  AMD  OPTERON  PROCESSOR  MODEL  246  (2.0  GHZ)  BASED  SYSTEM  COMPARED  TO  A  3.2  GHZ  XEON  SYSTEM.  2.  OFFER  VAUD  IN  THE  US  AND  THROUGH  SUN  STORE  ONLY.  PROMOTION  VALID  THROUGH  AINE 
LIMITED  TIME  ONLY  GET  THE  JAVA  ENTERPRISE  DEVELOPER  PROMOTION.  A  VALUE  OF  OVER  U  S.  $7000.  FOR  ONLY  U  S.  $1499  PER  YEAR  FOR  A  3-YEAR  SUBSCRIPTION.  SEE  WEBSITE  FOR  DETAILS.  3  PRICING  IS  US.  UST  PRICE  A l Of1  R JOES' 
US  DOLLARS  TOLL-FREE  NUMBER  AVAILABLE  IN  THE  UNITED  STATES.  CANADA  AND  INTERNATIONAL  AMERICAS  ONLY.  .-"  .4.' 

c  2004  SUN  MICROSYSTEMS  INC  ALL  RIGHTS  RESERVED.  SUN.  SUN  MICROSYSTEMS,  THE  SUN  LOGO.  SOLARIS.  THE  SOLARIS  LOGO,  JAVA.  THE  JAVA  LOGO.  SUN  FIRE  AND  THE  NETWORK  IS  THE  COMPUTER  ARE1 
OF  SUN  MICROSYSTEMS,  INC.  IN  THE  UNITED  STATES  AND  OTHER  COUNTRIES.  AMD.  THE  AMO  ARROW  LOGO.  AMD  OPTERON  AND  COMBINATIONS  THEREOF.  ARE  TRADEMARKS  OF  ADVANCED  MICRO  DEVICES,  II 
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